last executing test programs:

2.512636824s ago: executing program 1 (id=960):
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@base={0x14, 0x9, 0x0, 0x1, 0x84a, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5}, 0x50)

2.343299579s ago: executing program 1 (id=961):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.298150266s ago: executing program 1 (id=962):
syz_emit_ethernet(0x2e, &(0x7f0000000140)={@multicast, @local, @val={@val={0x88a8, 0x1, 0x0, 0x3}, {0x8100, 0x1, 0x0, 0x1}}, {@arp={0x806, @generic={0x108, 0x88ca, 0x6, 0x4, 0x9, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, "1b516df8"}}}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.125980132s ago: executing program 2 (id=963):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000500)='./file0\x00', 0x1805a, &(0x7f0000000000)=ANY=[], 0x1, 0x1063a, &(0x7f0000020c40)="$eJzs3M2PE2UYAPCnLLCAiMTwYeLBSYzJbmIbuixEYqKoEDUBQvw4eFG77dAU2s66LWXlogdNPPhvcDNePPgXePH/MDHGiybeNJj5WLJLQL7Kwsrvl8w+77zzztP3bXazfWbSCeCJtT/5689a7IvdEdtnImJvRN6OWrUVTpbhuYh4ISK2rdtqVf+Njp0RsSci9uXJI2aqMfmh7z/78Z/J1TPfXHv1t49PXPuj9uhWDWy212/afykiBstl+8qgjFm3jBer/takV8TB4qSK5YHBpWo/K+OVdKnIcKW1Nq5VxKPdcny2fHmUxwv9VjuP3d6Fon95WL7gaNJdy1OccLG1Uux30qUi9kZZEbtXy3mtVvHqaFzm6VT5Pi/Sx3i8Fsv+dDUt17N8qYjt4bjqL/NmnXQ1j5MqVi8X7azfKeaxdE9v9ZZypje8vJpM0pVRLxsmxxrNVxrN4/XmStZJx+livTXoHF9M5rr9fFh9nLYGJ7tZ1u2njXY2mE/muu12vdlM5k6lS73WMGk2G0cbR+rH5qvWy8nb5z5M+p1kLo9v9oaXx73+KLmQrSTlGfPJQuPoifnkxWby/tnzyfn3Tp8+e/6DT059dO6Ns+++VQ1am9Zs8TsxTheTuYUjCwv15pH6QnP+Qdef/4/cGuu/Ma0prh8eiE+SAPdsXf0f6n9gs6j/N9b/s+r//6x/B8+X47d4/bv7ftev/odb8EkSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCJ9cuOH94pGvvL/aeq/qerrmcj4nBEcigiDkbE9VuYiZ0bch6IiFrVvtX4HTfN4adaFBnyc2arbU9EnKy2v5952O8CAAAA/H999/NXX0fM5M3ix2uPekJspuqiza5p5Ssu+Wy/zcGbr/nc0YEi2eoDz6p0cC3lVBzKF7T/9yllOxwR2/Z+OqVsd/Zl9ed+I+xaF2pl2LZpswEAADbNxkrgdtUbAAAAW9+3j3oCTN1d3W2trRtZ3QueLUN1Q3D3hj0AAADg8XD9i3sYXHuIEwEAAACm636/q1vU/3f5/L+42+f//er5fwAAAPBYKZ//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAvO/eTqzQQxwH8B7WC/yIx/DmCV2BlXLLgEB7BpQfQ27jjCMaEcA7ceQQDhmFcQLrA1ym8Rz6fpG+m89pvf8BqOlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALr0q14tvm++fmubs/uxb6XMqwEAAACabOvVInVGx/1XefxNHnoXEbOImEbEJCKa5u5VPD/JHEdEL/ebjq/PavgZkRIO5wzy9jIiPubtz9uu3wUAAAC4X5v1fBlRHbrpz4dbF0Qr7//v8HzTZljq8umWz7NSaeMU9qVQ2uRfZBHTiKhHvwulzSKi//pTobSLVLk5+ezTTu/Y9K9ZDQAAcB3VSVNs9gYAAMCj8/nWBXAd5wu9ab02fxc/rwUP8r926Qf5L5rPAwAAAJ6O3q0LAAAAADqX5v+e/wcAAAD37fj8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALq0rVeLzXq+bJuz219u2DD2oIv221YNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAX/bnJYVhGAiiYOcf3UnkZDm8abDBC6+9cRUIHjMIIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuJbbenLf4tH4JXl22nh1PJO8u2p8ump8u26MXpjJ//CFvXHOxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBhf+5OIASCIAz2nf85LeYfljRoDCJUwcLHDPOwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfMbvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2J9724SBMI7Dry+JErfJCOmtBGagoUIwAh8SkiXPwAAsRENFa7EIrAASnGs6U/A8zf9XXHEvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAa7o8fPEWEUWkLlOk8ebn9B4RH5G2bTv6vGWxOx+br3vO9odJzu+Y/pYRUUbRxzkAAL2rus2xWtfLv7z/eQd5h3mreVMvnvlpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mq+/bTEdUUBAD/j/FHronTTRbsptKCbdjr23wizLVgKpRsXXQ46FenYymhBRQr2GxT6BbpvVm7zGbIMuEggIYtAcGFCCGSTMDNv9GkmxiT43pD5/eD6zrvXue8eF8KZex8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAaznaj5lBXIiIj0qncdfh8d7ysOuDRzc+HLRfrpc20nN2pyhHxK9r7daXGeYyav46d7+5s/tbs91uda4wmMzwWZkFlYg4N3TzXj/PEVlhDsE45z6V9zKmI2LIUBTfbMKs/zMBAPCuKyetW9ffKR8sdvsKjYhn/52t/2dTcVyy/n/y/98/pJ+Vrv9rmWU4Mm6//5KB6tb6RnVzZ/fztfXmamu19XttYeHrb+rffTtfq/a+K6mO+zcmAAAAvK1K0tL1/0Tjxf3/91JxXLL+//PHnz/u9k0lnylepv6vXFWmo+t00y/vlQAAAIy3Dz55/LAwpL9QqcR2c2urU+v/PLmf324uRWc+h6W+2tLZ28mkpev/YiOntQEAAACZOtovzETEweB+JbkO3f+fO/1cev//1r+ln9JzFiNiOtn//2L5j/ZKJpmMvizeT847RwAAAPI1nbT0/n+5d/6/dPI7ExEx92k/HvQeHu/1zvVfdP5/9rNr99PPSp///yq7FHMycfFovf/36F3rEaV6ZgsDAABgDE0lrVv/3y3HYufpP99XGuP4Fj4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwnB37R2kgiOIAPMlktRIFwcbGE4h2VgELwXuIguARvIJ38AriPbYULa0lhVjYyszO6BK0SLMr+n3w+L2QP/uy1b4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDWL468+hhAmpZ+WfHy9Pkv5tJTJy1u7kyr0vsf3JkdjTwAAAMB/EEslz839acrpPO//Tf1M2vlvN7q+7vPLe3/Nuvun2o0P758X2uquk3704vLq/GCwf/j7bf781l0Xs3zn89lLrIcw24sm38/JTduerOV2faCBAYCV7dcsTX0eSnk45mAA/GV7/RezUqG3/8f5KHMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOojAAD//zsBZ44=")
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)

1.438651566s ago: executing program 2 (id=965):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0xfffffffffffffffb}, 0x18)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x3)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r1, &(0x7f0000000000)=ANY=[], 0x0, 0x0)

974.09355ms ago: executing program 2 (id=966):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xab49}, {0xb1, 0x0, 0x0, 0xde0c}, {0x6}]}, 0x10)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xfdef)

910.237357ms ago: executing program 2 (id=967):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='mm_khugepaged_scan_pmd\x00', r0}, 0x18)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)

845.007961ms ago: executing program 2 (id=968):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x20, r1, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0xacd2}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x80f0}, 0x20000000)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}}, 0x28}}, 0x0)

844.677929ms ago: executing program 2 (id=969):
syz_usb_connect(0x1, 0x2d, &(0x7f00000010c0)=ANY=[@ANYBLOB="12010d0000000708b5192100c7980000000109021b00022000ac00090400000107000009090585cf", @ANYRES8], 0x0)

437.338192ms ago: executing program 0 (id=970):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x1c916, &(0x7f0000000040)={[{@nobarrier}, {@noblock_validity}, {@grpjquota_path={'grpjquota', 0x3d, './file1'}}, {@jqfmt_vfsv0}, {@oldalloc}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@sb={'sb', 0x3d, 0x100000001}}, {@jqfmt_vfsold}, {@resgid, 0x32}]}, 0x9b, 0x4d8, &(0x7f0000000a40)="$eJzs3d1rW+cZAPDnHFtZPpzZYbvIAsvCkmGHLZIdL4kZLNtgbFeBbdnF7jLPlo2xbBlLTmITNof9AYMRtsGuetWbQv+AQsldb0tLoL0vbWkpbdJe9KKNir5Sx5H8QWQrWL8fHOs9H/LzvBJ6dd73vOgE0LPORMTFiHhcqVTOR8RgY3vaWO4fi4j1+nGPHt6Zqi5JVCrXP00iaWyrHj+y4X82nlLzp99H/C15Nm5pdW1+slDILzfWc+WFpVxpde3C3MLkbH42vzg+PnZ54srEpYnRjtRzICKu/vbD//zr5d9dff1nt9678fHI36tp/bKxv1mPTqtXPROHN2zrj4jlvQjWBX2N+mS6nQgAADvSPM//cUScj8Hoq53NAQAAAAdJ5VcD8VUSUQEAAAAOrLQ2NzZJs415AAORptlsfQ7v9+NoWiiWyj+dKa4sTtfn0A5FJp2ZK+RHG3OFhyKTVNfHauVv1y9uWh+PiBMRcW/wSG09O1UsTHd78AMAAAB6xLFN/f8vBuv9fwAAAOCAGep2AgAAAMCe0/8HAACAg69F//8v3cgDAAAA2BN/uHatulSa97+evrm6Ml+8eWE6X5rPLqxMZaeKy0vZ2WJxtvabfQvb/b9Csbj081hcuZ0r50vlXGl17cZCcWWxfGPuqVtgAwAAAPvoxI/uv5tExPovjtSWqkPdTgrYF/27OfiDvcsD2H993U4A6Jpdff8DB0qm2wkAXZdss7/t5J03O58LAACwN4Z/0Pr6f7Lt2MB6uk8pAnvE+B/0Ltf/oXe5/g+9KxN9oSMPvW3vr/9XKrtKCAAA6LiB2pKk2YjaOMBApGk2G3G8dluATDIzV8iPRsR3I+Kdwcx3qutjtWcm2/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCgRaQfJY37fw0PnhvYPD5wKPlysPYYEbf+f/2/tyfL5eWx6vbPnmwv/6+x/WI3RjAAAACAzZr99GY/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66dHDO1PNZT/jfvKbiBhqFb8/DtceD0cmIo5+nkT/huclEdHXgfjrdyPiZKv4STWtGGpk0Sr+kS7GTyPiWAfiQy+7X21/ft3q85fGmdpj68/f5VoL9fzat3/pk/avr037c3yHMU49eDXXNv7diFP9rdufZvykTfyzO4z/1z+vrbXbV3kpYrjl90/yVKxceWEpV1pduzC3MDmbn80vjo+PXZ64MnFpYjQ3M1fIN/62iHAo/v3D1x5vVf+jca9t+7tV/c/tsP5fP7j98Hv1YqZV/JGzrd//k23ip43vvp80ytX9w83yer280elX3jod8fYb7eo/3eb13+79H9lh/c//8Z/v7/BQAGAflFbX5icLhfxyTxee69Wonha9ELVQ2G3hHy9GGi9kobvtEgAA0HnP9oGf1olr7AAAAAAAAAAAAAAAAAAAAMDW9vPX9ZrWu1NVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtfRMAAP//lOzXow==")
syz_emit_ethernet(0x36, &(0x7f0000000180)={@multicast, @random="539163500011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @empty}, @timestamp_reply={0x11, 0xe0, 0x0, 0x0, 0x0, 0x810001}}}}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x515001, 0x408)
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

333.680091ms ago: executing program 0 (id=971):
syz_emit_ethernet(0x6e, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0200", 0x38, 0x3a, 0xff, @remote, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x39, '\x00', {0x9, 0x6, "868e17", 0x4, 0x32, 0x0, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, [], "f1b5d73775326820"}}}}}}}, 0x0)

333.417949ms ago: executing program 0 (id=972):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x4, 0x4, 0x7}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000001100)={r0, &(0x7f0000000100), &(0x7f0000000000)=""/95, 0x2}, 0x20)

298.51783ms ago: executing program 0 (id=973):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4000)
fallocate(r0, 0x40, 0x100000000, 0x9c7)

220.78018ms ago: executing program 0 (id=974):
r0 = syz_open_dev$radio(&(0x7f00000005c0), 0x0, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000380)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f910, 0x8000, '\x00', @p_u8=&(0x7f0000000080)}})

220.347181ms ago: executing program 0 (id=975):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=")
setxattr$trusted_overlay_origin(&(0x7f0000000240)='.\x00', &(0x7f0000000000), 0x0, 0x0, 0x0)

214.377097ms ago: executing program 1 (id=976):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x99}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x80)

108.001742ms ago: executing program 1 (id=977):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20, 0x8, 0x0, 0x0, 0xfe, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x1}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, @LWTUNNEL_IP_OPT_ERSPAN_VER={0x5, 0x1, 0x6}}}}]}, 0x38}}, 0x0)

0s ago: executing program 1 (id=978):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0x79a8, 0x8, 0x1, 0x5000032f}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x6)

kernel console output (not intermixed with test programs):

h address 0xFF, changing to 0x8F
[   67.417899][  T793] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 24929, setting to 64
[   67.438686][  T793] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[   67.442356][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.457076][  T793] usb 1-1: Product: syz
[   67.460496][  T793] usb 1-1: Manufacturer: syz
[   67.462507][  T793] usb 1-1: SerialNumber: syz
[   67.466936][  T793] usb 1-1: config 0 descriptor??
[   67.475681][ T6240] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   67.547708][  T793] rc_core: IR keymap rc-streamzap not found
[   67.550447][  T793] Registered IR keymap rc-empty
[   67.554262][  T793] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[   67.563075][  T793] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input4
[   67.716979][  T793] usb 1-1: USB disconnect, device number 2
[   67.910990][ T6282] loop1: detected capacity change from 0 to 1024
[   67.925433][ T6282] hfsplus: unable to find HFS+ superblock
[   67.950746][ T6276] loop2: detected capacity change from 0 to 32768
[   67.998199][ T6276] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   68.033841][ T6282] loop1: detected capacity change from 0 to 8192
[   68.038197][ T6276] XFS (loop2): Ending clean mount
[   68.047283][ T6282] msdos: Unknown parameter 'nodo]'
[   68.085438][ T5847] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   68.299607][ T6292] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   68.306261][ T6292] netlink: 20 bytes leftover after parsing attributes in process `syz.0.115'.
[   68.416259][ T6300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.118'.
[   68.419713][ T6300] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   68.422932][ T6300] batman_adv: batadv0: Removing interface: batadv_slave_0
[   68.750419][ T6300] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   68.762611][ T6300] batman_adv: batadv0: Removing interface: batadv_slave_1
[   68.860878][ T6304] netlink: 'syz.1.120': attribute type 1 has an invalid length.
[   68.863734][ T6304] netlink: 232 bytes leftover after parsing attributes in process `syz.1.120'.
[   68.930866][ T6306] loop1: detected capacity change from 0 to 2048
[   68.959908][ T6307] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   68.979623][ T6306] NILFS (loop1): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3)
[   68.983952][ T6306] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=16)
[   68.992019][ T6306] Remounting filesystem read-only
[   68.994125][ T6306] NILFS (loop1): error -5 truncating bmap (ino=16)
[   69.167375][ T5842] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[   69.539246][ T6317] loop2: detected capacity change from 0 to 4096
[   69.556212][ T6317] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[   69.603027][ T6317] ntfs3(loop2): Failed to load $UpCase (-22).
[   70.973480][   T33] audit: type=1326 audit(1755038718.827:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6335 comm="syz.0.134" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7f5118ebe9 code=0x0
[   71.215358][ T6345] loop2: detected capacity change from 0 to 256
[   71.233344][ T1366] ieee802154 phy0 wpan0: encryption failed: -22
[   71.236092][ T1366] ieee802154 phy1 wpan1: encryption failed: -22
[   71.249766][ T6345] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   71.335645][ T6347] loop2: detected capacity change from 0 to 1024
[   71.354131][ T6347] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[   71.428748][   T33] audit: type=1326 audit(1755038719.277:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6350 comm="syz.1.141" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x7ffc0000
[   71.449096][   T33] audit: type=1326 audit(1755038719.297:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6350 comm="syz.1.141" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x7ffc0000
[   71.461713][   T33] audit: type=1326 audit(1755038719.297:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6350 comm="syz.1.141" exe="/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f44ba38ebe9 code=0x7ffc0000
[   71.475317][   T33] audit: type=1326 audit(1755038719.297:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6350 comm="syz.1.141" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x7ffc0000
[   71.491714][   T33] audit: type=1326 audit(1755038719.297:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6350 comm="syz.1.141" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x7ffc0000
[   71.692368][ T6370] loop2: detected capacity change from 0 to 256
[   72.358284][ T6403] netlink: 32 bytes leftover after parsing attributes in process `syz.2.157'.
[   72.454021][ T6404] mkiss: ax0: crc mode is auto.
[   72.936802][ T6420] bond1: entered promiscuous mode
[   72.947217][ T6420] 8021q: adding VLAN 0 to HW filter on device bond1
[   73.015843][ T6427] netlink: 204 bytes leftover after parsing attributes in process `syz.2.167'.
[   73.171937][ T6439] loop2: detected capacity change from 0 to 256
[   73.199346][ T6439] FAT-fs (loop2): Directory bread(block 64) failed
[   73.202251][ T6439] FAT-fs (loop2): Directory bread(block 65) failed
[   73.204876][ T6439] FAT-fs (loop2): Directory bread(block 66) failed
[   73.207035][ T6439] FAT-fs (loop2): Directory bread(block 67) failed
[   73.229233][ T6439] FAT-fs (loop2): Directory bread(block 68) failed
[   73.231816][ T6439] FAT-fs (loop2): Directory bread(block 69) failed
[   73.234187][ T6439] FAT-fs (loop2): Directory bread(block 70) failed
[   73.236381][ T6439] FAT-fs (loop2): Directory bread(block 71) failed
[   73.250332][ T6439] FAT-fs (loop2): Directory bread(block 72) failed
[   73.252779][ T6439] FAT-fs (loop2): Directory bread(block 73) failed
[   73.342264][ T6430] loop0: detected capacity change from 0 to 40427
[   73.346111][ T6430] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   73.353227][ T6430] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   73.362338][ T6430] F2FS-fs (loop0): invalid crc value
[   73.409103][ T6430] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   73.415646][ T6430] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   73.417922][ T6430] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   73.504675][ T6441] loop1: detected capacity change from 0 to 32768
[   73.641611][ T6441] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[   73.641632][ T6441]   allowing incompatible features above 0.0: (unknown version)
[   73.641639][ T6441]   features: 
[   73.656246][ T6441] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[   73.659323][ T6441] bcachefs (loop1): initializing new filesystem
[   73.666753][ T6441] bcachefs (loop1): going read-write
[   73.676861][ T6441] bcachefs (loop1): marking superblocks
[   73.689958][ T6441] bcachefs (loop1): initializing freespace
[   73.696873][ T6441] bcachefs (loop1): done initializing freespace
[   73.706905][ T6441] bcachefs (loop1): reading snapshots table
[   73.710134][ T6441] bcachefs (loop1): reading snapshots done
[   73.737368][ T6441] bcachefs (loop1): done starting filesystem
[   73.792262][ T6441] syz.1.173 (6441) used greatest stack depth: 16632 bytes left
[   73.809155][ T6459] loop2: detected capacity change from 0 to 32768
[   73.815054][ T5842] bcachefs (loop1): shutting down
[   73.818208][ T5842] bcachefs (loop1): going read-only
[   73.820736][ T5842] bcachefs (loop1): finished waiting for writes to stop
[   73.820938][ T6459] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.178 (6459)
[   73.831484][ T5842] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[   73.849390][ T6472] loop0: detected capacity change from 0 to 128
[   73.887543][ T5842] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[   73.891479][ T6459] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   73.905199][ T5842] bcachefs (loop1): clean shutdown complete, journal seq 4
[   73.915363][ T6459] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   73.918163][ T6459] BTRFS info (device loop2): using free-space-tree
[   73.921996][ T5842] bcachefs (loop1): marking filesystem clean
[   73.968648][ T5842] bcachefs (loop1): shutdown complete
[   74.013604][ T6487] loop0: detected capacity change from 0 to 512
[   74.017868][ T6487] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   74.024716][ T6487] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   74.049994][ T6487] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   74.056858][ T6487] EXT4-fs (loop0): 1 truncate cleaned up
[   74.060868][ T6487] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.109728][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.144121][ T5847] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   74.577222][ T6511] ref_ctr_offset mismatch. inode: 0x1ac offset: 0x0 ref_ctr_offset(old): 0x3070 ref_ctr_offset(new): 0x0
[   74.641716][ T6507] loop0: detected capacity change from 0 to 32768
[   74.695289][ T6507] JBD2: Ignoring recovery information on journal
[   74.740428][ T6507] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   74.844242][ T5849] ocfs2: Unmounting device (7,0) on (node local)
[   75.011702][ T6531] loop0: detected capacity change from 0 to 8
[   75.219054][ T6539] loop2: detected capacity change from 0 to 4096
[   75.245208][ T6541] loop0: detected capacity change from 0 to 4096
[   75.248335][ T6541] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   75.274180][ T6541] ntfs3(loop0): ino=19, mi_enum_attr
[   75.275956][ T6541] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   76.132470][ T6560] loop0: detected capacity change from 0 to 32768
[   76.136147][ T6560] XFS: ikeep mount option is deprecated.
[   76.210494][ T6560] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   76.228128][ T6560] XFS (loop0): Ending clean mount
[   76.237681][ T6560] XFS (loop0): Quotacheck needed: Please wait.
[   76.668223][ T6560] XFS (loop0): Quotacheck: Done.
[   76.712160][ T5849] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   77.227360][ T6596] loop1: detected capacity change from 0 to 40427
[   77.232479][ T6596] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   77.235001][ T6596] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   77.239368][ T6596] F2FS-fs (loop1): invalid crc value
[   77.273843][ T6596] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   77.283787][ T6596] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   77.286090][ T6596] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   77.840292][ T6599] loop2: detected capacity change from 0 to 32768
[   77.848196][ T6599] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.223 (6599)
[   77.872330][ T6599] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   77.875725][ T6599] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   77.878450][ T6599] BTRFS info (device loop2): using free-space-tree
[   78.046754][   T33] audit: type=1800 audit(1755038725.485:16): pid=6599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.223" name="file1" dev="loop2" ino=260 res=0 errno=0
[   78.073546][ T5847] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   78.560290][ T6627] loop2: detected capacity change from 0 to 32768
[   78.574269][   T47] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   78.582700][ T6627] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   78.601535][ T6627] XFS (loop2): Ending clean mount
[   78.608960][ T6627] XFS (loop2): Quotacheck needed: Please wait.
[   78.633433][ T6627] XFS (loop2): Quotacheck: Done.
[   78.692087][ T5847] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   78.735088][   T47] usb 1-1: Using ep0 maxpacket: 16
[   78.765095][   T47] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[   78.771561][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.779606][   T47] usb 1-1: Product: syz
[   78.783895][   T47] usb 1-1: Manufacturer: syz
[   78.788237][   T47] usb 1-1: SerialNumber: syz
[   78.795782][   T47] usb 1-1: config 0 descriptor??
[   78.892468][ T6640] Bluetooth: MGMT ver 1.23
[   79.002166][ T6643] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   79.247138][   T47] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[   79.271481][   T47] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   79.283294][   T47] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[   79.286956][   T47] usb 1-1: media controller created
[   79.339854][   T47] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   79.464972][   T47] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[   79.468531][   T47] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[   79.797239][    T9] usb 1-1: USB disconnect, device number 3
[   79.927603][    T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[   80.786152][ T6655] loop0: detected capacity change from 0 to 128
[   80.827114][ T6655] befs: (loop0): No write support. Marking filesystem read-only
[   80.846646][ T6655] befs: (loop0): invalid blocksize: 2066842815
[   81.423529][ T6690] warning: `syz.0.250' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   81.631802][    T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   81.772645][    T9] usb 3-1: device descriptor read/64, error -71
[   82.038069][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   82.172008][   T10] cfg80211: failed to load regulatory.db
[   82.194896][    T9] usb 3-1: device descriptor read/64, error -71
[   82.197768][ T5836] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   82.316141][    T9] usb usb3-port1: attempt power cycle
[   82.369877][ T5836] usb 1-1: Using ep0 maxpacket: 8
[   82.380465][ T5836] usb 1-1: config 0 has an invalid interface number: 151 but max is 0
[   82.383795][ T5836] usb 1-1: config 0 has no interface number 0
[   82.386601][ T5836] usb 1-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xDE, changing to 0x8E
[   82.392211][ T5836] usb 1-1: config 0 interface 151 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[   82.398696][ T5836] usb 1-1: New USB device found, idVendor=0711, idProduct=0900, bcdDevice=fa.6f
[   82.402120][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.406123][ T5836] usb 1-1: Product: syz
[   82.407799][ T5836] usb 1-1: Manufacturer: syz
[   82.409687][ T5836] usb 1-1: SerialNumber: syz
[   82.422868][ T5836] usb 1-1: config 0 descriptor??
[   82.429324][ T5836] sisusb 1-1:0.151: Invalid USB2VGA device
[   82.431770][ T5836] sisusb 1-1:0.151: probe with driver sisusb failed with error -22
[   82.673463][ T5836] usb 1-1: USB disconnect, device number 4
[   82.682054][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   82.734456][    T9] usb 3-1: device descriptor read/8, error -71
[   82.989448][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   83.011663][    T9] usb 3-1: device descriptor read/8, error -71
[   83.128814][    T9] usb usb3-port1: unable to enumerate USB device
[   83.566782][  T976] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[   83.730307][  T976] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[   83.735041][  T976] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[   83.741165][  T976] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[   83.745042][  T976] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.787745][ T6716] netlink: 830 bytes leftover after parsing attributes in process `syz.1.262'.
[   83.970843][  T976] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[   83.984957][  T976] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input5
[   83.992587][  T976] input: failed to attach handler kbd to device input5, error: -5
[   84.045345][  T976] usb 1-1: USB disconnect, device number 5
[   84.157150][ T6730] batadv1: entered promiscuous mode
[   84.620655][ T6753] bridge1: entered promiscuous mode
[   84.839186][  T976] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   85.059816][  T976] usb 3-1: config 0 has an invalid interface number: 197 but max is 0
[   85.082789][  T976] usb 3-1: config 0 has no interface number 0
[   85.134333][  T976] usb 3-1: config 0 interface 197 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8
[   85.148284][  T976] usb 3-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64
[   85.158217][  T976] usb 3-1: config 0 interface 197 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 1024
[   85.168660][  T976] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42
[   85.176357][  T976] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.187069][  T976] usb 3-1: Product: syz
[   85.190022][   T33] audit: type=1326 audit(1755038732.163:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6766 comm="syz.1.285" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x0
[   85.191328][  T976] usb 3-1: Manufacturer: syz
[   85.217113][  T976] usb 3-1: SerialNumber: syz
[   85.231884][  T976] usb 3-1: config 0 descriptor??
[   85.236640][ T6743] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.240920][ T6743] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.372457][ T6769] loop1: detected capacity change from 0 to 32768
[   85.380189][ T6769] (syz.1.286,6769,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   85.387907][ T6769] (syz.1.286,6769,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   85.407153][ T6769] JBD2: Ignoring recovery information on journal
[   85.437344][ T6769] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   85.468642][  T976] qmi_wwan 3-1:0.197: probe with driver qmi_wwan failed with error -71
[   85.490660][ T5842] ocfs2: Unmounting device (7,1) on (node local)
[   85.492695][  T976] usb 3-1: USB disconnect, device number 6
[   85.697165][ T6777] binder: 6776:6777 ioctl c018620c 200000000380 returned -22
[   85.785864][ T6773] loop1: detected capacity change from 0 to 32768
[   85.806422][ T6773] XFS: attr2 mount option is deprecated.
[   85.814726][ T6773] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[   85.837627][ T6773] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   85.849818][ T6773] XFS (loop1): Ending clean mount
[   85.855390][ T6773] XFS (loop1): Quotacheck needed: Please wait.
[   85.884454][ T6773] XFS (loop1): Quotacheck: Done.
[   85.942998][ T5842] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   86.186711][  T976] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   86.194276][ T6806] loop1: detected capacity change from 0 to 128
[   86.202791][ T6806] affs: No valid root block on device loop1
[   86.346426][  T976] usb 1-1: Using ep0 maxpacket: 8
[   86.402952][  T976] usb 1-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=d3.6c
[   86.408168][  T976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.415784][  T976] usb 1-1: Product: syz
[   86.417232][  T976] usb 1-1: Manufacturer: syz
[   86.423679][  T976] usb 1-1: SerialNumber: syz
[   86.430263][  T976] usb 1-1: config 0 descriptor??
[   86.436593][ T6812] loop1: detected capacity change from 0 to 32768
[   86.439325][ T6812] XFS: ikeep mount option is deprecated.
[   86.444529][  T976] usb 1-1: bad CDC descriptors
[   86.452919][  T976] usb 1-1: unsupported MDLM descriptors
[   86.509309][ T6812] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[   86.513497][ T6812] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   86.536247][ T6812] XFS (loop1): Internal error !uuid_equal(&mp->m_sb.sb_uuid, &head->h_fs_uuid) at line 254 of file fs/xfs/xfs_log_recover.c.  Caller xlog_header_check_mount+0x93/0xe0
[   86.543508][ T6812] CPU: 0 UID: 0 PID: 6812 Comm: syz.1.302 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[   86.543536][ T6812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   86.543546][ T6812] Call Trace:
[   86.543552][ T6812]  <TASK>
[   86.543558][ T6812]  dump_stack_lvl+0x189/0x250
[   86.543586][ T6812]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.543606][ T6812]  ? __phys_addr+0xd3/0x180
[   86.543624][ T6812]  ? __kasan_kmalloc_large+0x85/0xa0
[   86.543642][ T6812]  ? is_vmalloc_addr+0x52/0xb0
[   86.543660][ T6812]  xfs_corruption_error+0x122/0x170
[   86.543676][ T6812]  ? xlog_header_check_mount+0x93/0xe0
[   86.543691][ T6812]  xlog_header_check_mount+0xc6/0xe0
[   86.543704][ T6812]  ? xlog_header_check_mount+0x93/0xe0
[   86.543715][ T6812]  xlog_find_verify_log_record+0x32e/0x500
[   86.543734][ T6812]  xlog_find_zeroed+0x327/0x410
[   86.543752][ T6812]  xlog_find_head+0x5f/0x700
[   86.543762][ T6812]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.543776][ T6812]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   86.543794][ T6812]  xlog_find_tail+0x3d/0x840
[   86.543808][ T6812]  ? try_to_wake_up+0x7f5/0x12b0
[   86.543825][ T6812]  xlog_recover+0x4b/0x3e0
[   86.543842][ T6812]  xfs_log_mount+0x253/0x3e0
[   86.543862][ T6812]  xfs_mountfs+0xe5e/0x2330
[   86.543887][ T6812]  ? __pfx_xfs_mountfs+0x10/0x10
[   86.543904][ T6812]  ? xfs_setup_dax_always+0x20f/0x290
[   86.543924][ T6812]  xfs_fs_fill_super+0x11b3/0x1600
[   86.543947][ T6812]  get_tree_bdev_flags+0x40e/0x4d0
[   86.543962][ T6812]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[   86.543978][ T6812]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   86.544001][ T6812]  vfs_get_tree+0x92/0x2b0
[   86.544016][ T6812]  do_new_mount+0x2a2/0x9e0
[   86.544036][ T6812]  ? ns_capable+0x8a/0xf0
[   86.544047][ T6812]  ? __pfx_do_new_mount+0x10/0x10
[   86.544063][ T6812]  ? path_mount+0x61c/0xfe0
[   86.544075][ T6812]  ? user_path_at+0x44/0x60
[   86.544095][ T6812]  __se_sys_mount+0x317/0x410
[   86.544116][ T6812]  ? __pfx___se_sys_mount+0x10/0x10
[   86.544136][ T6812]  ? do_syscall_64+0xbe/0x3b0
[   86.544149][ T6812]  ? __x64_sys_mount+0x20/0xc0
[   86.544166][ T6812]  do_syscall_64+0xfa/0x3b0
[   86.544180][ T6812]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.544191][ T6812]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.544201][ T6812]  ? exc_page_fault+0x9f/0xf0
[   86.544217][ T6812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.544227][ T6812] RIP: 0033:0x7f44ba39038a
[   86.544242][ T6812] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.544250][ T6812] RSP: 002b:00007f44bb1bbe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   86.544263][ T6812] RAX: ffffffffffffffda RBX: 00007f44bb1bbef0 RCX: 00007f44ba39038a
[   86.544272][ T6812] RDX: 0000200000000500 RSI: 0000200000000040 RDI: 00007f44bb1bbeb0
[   86.544279][ T6812] RBP: 0000200000000500 R08: 00007f44bb1bbef0 R09: 000000000300c880
[   86.544286][ T6812] R10: 000000000300c880 R11: 0000000000000246 R12: 0000200000000040
[   86.544294][ T6812] R13: 00007f44bb1bbeb0 R14: 000000000000970d R15: 0000200000000080
[   86.544312][ T6812]  </TASK>
[   86.544317][ T6812] XFS (loop1): Corruption detected. Unmount and run xfs_repair
[   86.681380][  T976] usb 1-1: USB disconnect, device number 6
[   86.682214][ T6812] XFS (loop1): log has mismatched uuid - can't recover
[   86.682493][ T6812] XFS (loop1): empty log check failed
[   86.690167][ T6812] XFS (loop1): log mount/recovery failed: error -117
[   86.701394][ T6812] XFS (loop1): log mount failed
[   86.920000][ T6822] Illegal XDP return value 4294967274 on prog  (id 27) dev N/A, expect packet loss!
[   87.198310][ T6834] kAFS: Can only specify source 'none' with -o dyn
[   87.528881][ T6847] netlink: 72 bytes leftover after parsing attributes in process `syz.0.314'.
[   87.532233][ T6847] netlink: 72 bytes leftover after parsing attributes in process `syz.0.314'.
[   87.603915][ T6851] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[   88.954961][    T9] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[   89.085712][   T54] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[   89.089365][   T54] Bluetooth: hci0: Injecting HCI hardware error event
[   89.092792][ T5844] Bluetooth: hci0: hardware error 0x00
[   89.159850][    T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   89.163509][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.170322][    T9] usb 1-1: config 0 descriptor??
[   89.178652][    T9] cp210x 1-1:0.0: cp210x converter detected
[   89.282824][ T6875] loop1: detected capacity change from 0 to 8192
[   89.372274][ T5836] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   89.668318][ T6885] loop1: detected capacity change from 0 to 32768
[   89.679576][ T5836] usb 3-1: config 0 has an invalid interface number: 73 but max is 0
[   89.696518][ T5836] usb 3-1: config 0 has no interface number 0
[   89.702202][    T9] usb 1-1: cp210x converter now attached to ttyUSB0
[   89.707993][ T5836] usb 3-1: New USB device found, idVendor=06f8, idProduct=300c, bcdDevice=39.64
[   89.711328][ T5836] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   89.716874][ T5836] usb 3-1: Product: syz
[   89.718407][ T5836] usb 3-1: Manufacturer: syz
[   89.720011][ T5836] usb 3-1: SerialNumber: syz
[   89.723031][ T5836] usb 3-1: config 0 descriptor??
[   89.747651][ T6885] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[   89.747667][ T6885]   allowing incompatible features above 0.0: (unknown version)
[   89.747671][ T6885]   features: 
[   89.759784][ T6885] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[   89.762619][ T6885] bcachefs (loop1): initializing new filesystem
[   89.772280][ T6885] bcachefs (loop1): going read-write
[   89.778322][ T6885] bcachefs (loop1): marking superblocks
[   89.785360][ T6885] bcachefs (loop1): initializing freespace
[   89.789273][ T6885] bcachefs (loop1): done initializing freespace
[   89.792509][ T6885] bcachefs (loop1): reading snapshots table
[   89.794491][ T6885] bcachefs (loop1): reading snapshots done
[   89.813183][ T6885] bcachefs (loop1): done starting filesystem
[   89.846333][   T47] usb 1-1: USB disconnect, device number 7
[   89.866395][   T47] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[   89.880206][ T5842] bcachefs (loop1): shutting down
[   89.888609][ T5842] bcachefs (loop1): going read-only
[   89.890877][ T5842] bcachefs (loop1): finished waiting for writes to stop
[   89.904053][   T47] cp210x 1-1:0.0: device disconnected
[   89.914706][ T5842] bcachefs (loop1): flushing journal and stopping allocators, journal seq 4
[   89.956545][ T5842] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 4
[   89.963851][ T5842] bcachefs (loop1): clean shutdown complete, journal seq 5
[   89.967597][ T5842] bcachefs (loop1): marking filesystem clean
[   89.991140][ T5842] bcachefs (loop1): shutdown complete
[   90.001772][ T5836] uvcvideo 3-1:0.73: probe with driver uvcvideo failed with error -22
[   90.023287][ T5836] usb 3-1: USB disconnect, device number 7
[   90.625902][ T6903] loop2: detected capacity change from 0 to 512
[   90.777474][ T6901] loop0: detected capacity change from 0 to 32768
[   91.306999][ T5844] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   91.476700][ T6910] loop1: detected capacity change from 0 to 32768
[   91.501410][ T6910] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   91.518887][ T6910] XFS (loop1): Ending clean mount
[   91.526953][ T6910] XFS (loop1): Quotacheck needed: Please wait.
[   91.559421][ T6910] XFS (loop1): Quotacheck: Done.
[   91.594559][ T5842] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   91.643318][ T6920] loop0: detected capacity change from 0 to 32768
[   91.656962][ T6920] (syz.0.338,6920,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   91.698258][ T6920] (syz.0.338,6920,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   91.728575][ T6920] JBD2: Ignoring recovery information on journal
[   91.753870][ T6920] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   91.825366][ T6922] loop2: detected capacity change from 0 to 4096
[   91.845480][ T6922] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[   91.886547][ T5849] ocfs2: Unmounting device (7,0) on (node local)
[   91.991173][ T5844] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[   91.994562][ T5844] Bluetooth: hci2: Injecting HCI hardware error event
[   91.997980][ T5844] Bluetooth: hci2: hardware error 0x00
[   92.325121][ T6935] loop0: detected capacity change from 0 to 4096
[   92.402406][ T6935] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   92.506481][ T6935] ntfs3(loop0): ino=1f, "file2" attr_set_size
[   92.572621][ T5849] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[   93.011015][ T6954] loop2: detected capacity change from 0 to 512
[   93.040951][ T6954] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   93.070920][ T6954] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   93.076175][ T6954] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.351: Corrupt directory, running e2fsck is recommended
[   93.088896][ T6954] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   93.094774][ T6954] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.351: corrupted in-inode xattr: e_name out of bounds
[   93.102106][ T6954] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.351: couldn't read orphan inode 15 (err -117)
[   93.114511][ T6954] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.137858][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.199078][  T976] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   93.327993][ T6958] loop0: detected capacity change from 0 to 40427
[   93.341878][ T6958] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   93.344490][ T6958] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   93.352351][ T6958] F2FS-fs (loop0): invalid crc value
[   93.372860][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.376531][  T976] usb 2-1: New USB device found, idVendor=046d, idProduct=c262, bcdDevice= 0.00
[   93.379388][  T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.394849][ T6958] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   93.404225][  T976] usb 2-1: config 0 descriptor??
[   93.406119][ T6958] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   93.416299][ T6958] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   93.437142][ T6963] loop2: detected capacity change from 0 to 32768
[   93.440749][ T6963] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.354 (6963)
[   93.457564][ T6963] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   93.465177][ T6963] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   93.472901][ T6963] BTRFS info (device loop2): using free-space-tree
[   93.541218][ T5849] syz-executor: attempt to access beyond end of device
[   93.541218][ T5849] loop0: rw=2051, sector=77824, nr_sectors = 2560 limit=40427
[   93.547992][ T5849] F2FS-fs (loop0): Issue discard(9728, 9728, 320) failed, ret: -5
[   93.555491][ T6963] BTRFS info (device loop2): rebuilding free space tree
[   93.675244][ T5847] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   93.866269][  T976] logitech-hidpp-device 0003:046D:C262.0003: unknown main item tag 0x7
[   93.888944][  T976] logitech-hidpp-device 0003:046D:C262.0003: item fetching failed at offset 6/7
[   93.892449][  T976] logitech-hidpp-device 0003:046D:C262.0003: hidpp_probe:parse failed
[   93.898805][  T976] logitech-hidpp-device 0003:046D:C262.0003: probe with driver logitech-hidpp-device failed with error -22
[   94.013672][ T6989] loop2: detected capacity change from 0 to 32768
[   94.016883][ T6989] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.356 (6989)
[   94.025935][ T6989] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   94.029411][ T6989] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[   94.035298][ T6989] BTRFS info (device loop2): using free-space-tree
[   94.084222][ T5836] usb 2-1: USB disconnect, device number 4
[   94.142809][ T5847] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   94.150574][   T47] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[   94.324205][   T47] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   94.329561][   T47] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[   94.341299][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 10
[   94.349620][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 212, setting to 64
[   94.368401][   T47] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   94.392576][   T47] usb 1-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[   94.396034][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.402257][   T47] usb 1-1: Product: syz
[   94.404140][   T47] usb 1-1: Manufacturer: syz
[   94.406167][   T47] usb 1-1: SerialNumber: syz
[   94.416464][   T47] usb 1-1: config 0 descriptor??
[   94.420926][ T6988] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   94.481913][   T47] rc_core: IR keymap rc-xbox-dvd not found
[   94.484506][   T47] Registered IR keymap rc-empty
[   94.491488][   T47] rc rc0: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[   94.504181][   T47] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input6
[   94.624342][ T7016] loop2: detected capacity change from 0 to 32768
[   94.642414][ T5844] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[   94.689665][   T47] usb 1-1: USB disconnect, device number 8
[   94.689734][    C1] xbox_remote 1-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[   94.891385][ T7025] ptrace attach of "/syz-executor exec"[7026] was attempted by "/syz-executor exec"[7025]
[   95.700855][ T7036] netlink: 4 bytes leftover after parsing attributes in process `syz.0.369'.
[   95.729352][ T7036] netlink: 4 bytes leftover after parsing attributes in process `syz.0.369'.
[   95.733959][ T7036] Zero length message leads to an empty skb
[   95.772878][   T12] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   95.802841][   T12] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   95.820186][   T12] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   95.835127][   T12] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   95.852452][ T7038] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[   96.031057][ T7046] loop2: detected capacity change from 0 to 8
[   96.044950][ T7046] SQUASHFS error: xz decompression failed, data probably corrupt
[   96.048763][ T7046] SQUASHFS error: Failed to read block 0x108: -5
[   96.051673][ T7046] SQUASHFS error: Unable to read metadata cache entry [106]
[   96.057967][ T7046] SQUASHFS error: Unable to read inode 0x11f
[   96.374577][ T7040] loop0: detected capacity change from 0 to 32768
[   96.397227][ T7040] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   96.462608][ T7040] XFS (loop0): Ending clean mount
[   96.519702][ T5849] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   96.562313][ T7052] loop2: detected capacity change from 0 to 32768
[   96.610009][   T47] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   96.616699][ T7052] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   96.652974][ T7052] XFS (loop2): Ending clean mount
[   96.701736][ T7052] XFS (loop2): Quotacheck needed: Please wait.
[   96.740048][ T7052] XFS (loop2): Quotacheck: Done.
[   96.756772][ T7074] loop0: detected capacity change from 0 to 1024
[   96.780912][ T5847] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   96.795792][   T47] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   96.799963][   T47] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   96.813979][   T47] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   96.829679][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   96.833348][   T47] usb 2-1: SerialNumber: syz
[   96.837834][ T7074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   96.842877][ T7074] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.881361][ T7074] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: comm syz.0.379: lblock 0 mapped to illegal pblock 0 (length 1)
[   96.899988][ T7074] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[   96.905296][ T7074] EXT4-fs (loop0): This should not happen!! Data will be lost
[   96.905296][ T7074] 
[   96.938583][ T7074] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: comm syz.0.379: lblock 0 mapped to illegal pblock 0 (length 1)
[   96.947881][ T7074] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: comm syz.0.379: lblock 0 mapped to illegal pblock 0 (length 1)
[   96.967050][ T7074] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: comm syz.0.379: lblock 0 mapped to illegal pblock 0 (length 1)
[   96.975144][ T7074] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: comm syz.0.379: lblock 0 mapped to illegal pblock 0 (length 1)
[   96.983334][ T7074] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #15: comm syz.0.379: lblock 0 mapped to illegal pblock 0 (length 1)
[   96.996661][ T7074] EXT4-fs error (device loop0): ext4_ext_remove_space:2955: inode #15: comm syz.0.379: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   97.031831][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   97.093510][   T47] usb 2-1: 0:2 : does not exist
[   97.147281][   T47] usb 2-1: USB disconnect, device number 5
[   97.230749][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   97.478284][ T7088] loop0: detected capacity change from 0 to 32768
[   97.528873][ T5836] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   97.550948][ T7088] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[   97.550964][ T7088]   allowing incompatible features above 0.0: (unknown version)
[   97.550973][ T7088]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   97.567067][ T7088] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[   97.570768][ T7088] bcachefs (loop0): initializing new filesystem
[   97.583111][ T7088] bcachefs (loop0): going read-write
[   97.589726][ T7088] bcachefs (loop0): marking superblocks
[   97.604721][ T7088] bcachefs (loop0): initializing freespace
[   97.611897][ T7088] bcachefs (loop0): done initializing freespace
[   97.620391][ T7088] bcachefs (loop0): reading snapshots table
[   97.623137][ T7088] bcachefs (loop0): reading snapshots done
[   97.647465][ T7088] bcachefs (loop0): done starting filesystem
[   97.689284][ T5836] usb 3-1: Using ep0 maxpacket: 32
[   97.700790][ T5836] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[   97.704027][ T5836] usb 3-1: config 0 has no interface number 0
[   97.718830][ T5836] usb 3-1: config 0 interface 184 has no altsetting 0
[   97.730771][ T5836] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[   97.743905][ T5836] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.747270][ T5836] usb 3-1: Product: syz
[   97.754504][ T5836] usb 3-1: Manufacturer: syz
[   97.756840][ T5836] usb 3-1: SerialNumber: syz
[   97.778405][ T5836] usb 3-1: config 0 descriptor??
[   97.783226][ T5836] smsc75xx v1.0.0
[   98.023194][ T5849] bcachefs (loop0): shutting down
[   98.026192][ T5849] bcachefs (loop0): going read-only
[   98.028450][ T5849] bcachefs (loop0): finished waiting for writes to stop
[   98.035055][ T5849] bcachefs (loop0): flushing journal and stopping allocators, journal seq 5
[   98.059059][ T5849] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 5
[   98.064592][ T5849] bcachefs (loop0): clean shutdown complete, journal seq 6
[   98.068122][ T5849] bcachefs (loop0): marking filesystem clean
[   98.100078][ T5849] bcachefs (loop0): shutdown complete
[   98.235031][    T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   98.245493][ T7086] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.249243][ T7086] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.254040][ T5836] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[   98.257673][ T5836] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[   98.260881][ T5836] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[   98.264612][ T5836] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[   98.270957][ T5836] usb 3-1: USB disconnect, device number 8
[   98.416498][    T9] usb 2-1: Using ep0 maxpacket: 16
[   98.423490][    T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[   98.427162][    T9] usb 2-1: config 0 has no interface number 0
[   98.429778][    T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   98.438912][    T9] usb 2-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[   98.442955][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.446470][    T9] usb 2-1: Product: syz
[   98.450034][    T9] usb 2-1: Manufacturer: syz
[   98.452054][    T9] usb 2-1: SerialNumber: syz
[   98.456401][    T9] usb 2-1: config 0 descriptor??
[   98.463053][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[   98.483545][    T9] snd-usb-audio 2-1:0.1: probe with driver snd-usb-audio failed with error -2
[   98.507302][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   98.689581][    T9] usb 2-1: USB disconnect, device number 6
[   99.143702][ T7132] loop2: detected capacity change from 0 to 256
[   99.161259][ T7132] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011ded, chksum : 0x9858084d, utbl_chksum : 0xe619d30d)
[   99.643694][ T7154] loop2: detected capacity change from 0 to 32768
[   99.647278][ T7154] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.411 (7154)
[   99.655226][ T7154] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   99.667761][ T7154] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[   99.670607][ T7154] BTRFS info (device loop2): using free-space-tree
[   99.805126][ T7190] mmap: syz.0.424 (7190) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   99.903457][ T5847] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  100.245916][ T7209] loop0: detected capacity change from 0 to 40427
[  100.249850][   T47] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  100.252684][ T7209] F2FS-fs (loop0): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  100.255588][ T7209] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  100.258720][ T7209] F2FS-fs (loop0): build fault injection type: 0x6
[  100.263434][ T7209] F2FS-fs (loop0): invalid crc value
[  100.302579][ T7209] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  100.306164][ T7209] F2FS-fs (loop0): Start checkpoint disabled!
[  100.314932][ T7209] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  100.317521][ T7209] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  100.458260][   T47] usb 2-1: Using ep0 maxpacket: 16
[  100.468292][   T47] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  100.475803][   T47] usb 2-1: config 0 has no interface number 0
[  100.481718][   T47] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  100.491945][   T47] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  100.499959][   T47] usb 2-1: config 0 interface 41 has no altsetting 0
[  100.516865][   T47] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  100.529788][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.538863][   T47] usb 2-1: Product: syz
[  100.540903][   T47] usb 2-1: Manufacturer: syz
[  100.546264][   T47] usb 2-1: SerialNumber: syz
[  100.566894][   T47] usb 2-1: config 0 descriptor??
[  100.570506][ T7198] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  100.580589][ T7198] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  100.596638][ T7211] loop2: detected capacity change from 0 to 40427
[  100.613613][ T7211] F2FS-fs (loop2): Wrong segment_count / block_count (31 > 0)
[  100.617096][ T7211] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  100.627622][ T7211] F2FS-fs (loop2): invalid crc value
[  100.716034][ T7211] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  100.721214][ T7211] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  100.724308][ T7211] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  100.776754][   T33] audit: type=1804 audit(1755038746.737:18): pid=7211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.431" name="/newroot/152/file1/file1" dev="loop2" ino=10 res=1 errno=0
[  100.837054][ T5847] syz-executor: attempt to access beyond end of device
[  100.837054][ T5847] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  100.845059][ T7198] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  100.845352][ T5847] CPU: 1 UID: 0 PID: 5847 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  100.845369][ T5847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.845377][ T5847] Call Trace:
[  100.845382][ T5847]  <TASK>
[  100.845387][ T5847]  dump_stack_lvl+0x189/0x250
[  100.845451][ T5847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.845466][ T5847]  ? __pfx_queue_work_on+0x10/0x10
[  100.845479][ T5847]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  100.845493][ T5847]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.845515][ T5847]  f2fs_handle_critical_error+0x37c/0x540
[  100.845537][ T5847]  f2fs_write_end_io+0x886/0xb60
[  100.845568][ T5847]  __submit_merged_bio+0x27a/0x6a0
[  100.845588][ T5847]  __submit_merged_write_cond+0x255/0x530
[  100.845609][ T5847]  f2fs_write_data_pages+0x261d/0x3000
[  100.845651][ T5847]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  100.845711][ T5847]  ? folios_put_refs+0x559/0x640
[  100.845734][ T5847]  ? __lock_acquire+0xab9/0xd20
[  100.845758][ T5847]  ? do_raw_spin_lock+0x121/0x290
[  100.845780][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[  100.845795][ T5847]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  100.845813][ T5847]  do_writepages+0x32e/0x550
[  100.845835][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[  100.845851][ T5847]  filemap_fdatawrite+0x199/0x240
[  100.845866][ T5847]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  100.845912][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[  100.845923][ T5847]  f2fs_sync_dirty_inodes+0x31f/0x830
[  100.845940][ T5847]  f2fs_write_checkpoint+0x95a/0x1df0
[  100.845961][ T5847]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  100.845993][ T5847]  ? kill_f2fs_super+0x298/0x6c0
[  100.846005][ T5847]  kill_f2fs_super+0x2c3/0x6c0
[  100.846018][ T5847]  ? __pfx_kill_f2fs_super+0x10/0x10
[  100.846027][ T5847]  ? radix_tree_delete_item+0x2b6/0x400
[  100.846039][ T5847]  ? shrinker_free+0x2ce/0x3e0
[  100.846048][ T5847]  deactivate_locked_super+0xbc/0x130
[  100.846058][ T5847]  cleanup_mnt+0x425/0x4c0
[  100.846066][ T5847]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.846077][ T5847]  task_work_run+0x1d4/0x260
[  100.846088][ T5847]  ? __pfx_task_work_run+0x10/0x10
[  100.846095][ T5847]  ? __x64_sys_umount+0x122/0x160
[  100.846107][ T5847]  ? exit_to_user_mode_loop+0x40/0x110
[  100.846119][ T5847]  exit_to_user_mode_loop+0xec/0x110
[  100.846129][ T5847]  do_syscall_64+0x2bd/0x3b0
[  100.846137][ T5847]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.846144][ T5847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.846151][ T5847]  ? exc_page_fault+0x9f/0xf0
[  100.846161][ T5847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.846167][ T5847] RIP: 0033:0x7f9ea3d8ff17
[  100.846175][ T5847] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  100.846181][ T5847] RSP: 002b:00007fff2ab1a1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  100.846190][ T5847] RAX: 0000000000000000 RBX: 00007f9ea3e11c05 RCX: 00007f9ea3d8ff17
[  100.846194][ T5847] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff2ab1a270
[  100.846198][ T5847] RBP: 00007fff2ab1a270 R08: 0000000000000000 R09: 0000000000000000
[  100.846202][ T5847] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff2ab1b300
[  100.846207][ T5847] R13: 00007f9ea3e11c05 R14: 00000000000181e4 R15: 00007fff2ab1b340
[  100.846220][ T5847]  </TASK>
[  100.847495][ T5847] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  100.849472][ T7198] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  101.424617][   T47] Error reading MAC address
[  101.430341][ T7198] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  101.433426][ T7198] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  101.654364][   T47] sr9700 2-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[  101.664761][   T47] usb 2-1: USB disconnect, device number 7
[  101.945093][ T6169] kworker/u9:43: attempt to access beyond end of device
[  101.945093][ T6169] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  101.953079][ T6169] CPU: 0 UID: 0 PID: 6169 Comm: kworker/u9:43 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  101.953093][ T6169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  101.953100][ T6169] Workqueue: writeback wb_workfn (flush-7:0)
[  101.953114][ T6169] Call Trace:
[  101.953118][ T6169]  <TASK>
[  101.953122][ T6169]  dump_stack_lvl+0x189/0x250
[  101.953161][ T6169]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.953169][ T6169]  ? __pfx_queue_work_on+0x10/0x10
[  101.953176][ T6169]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  101.953186][ T6169]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.953199][ T6169]  f2fs_handle_critical_error+0x37c/0x540
[  101.953212][ T6169]  f2fs_write_end_io+0x886/0xb60
[  101.953230][ T6169]  __submit_merged_bio+0x27a/0x6a0
[  101.953241][ T6169]  __submit_merged_write_cond+0x255/0x530
[  101.953253][ T6169]  f2fs_write_data_pages+0x261d/0x3000
[  101.953278][ T6169]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.953293][ T6169]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  101.953319][ T6169]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  101.953327][ T6169]  ? look_up_lock_class+0x74/0x170
[  101.953346][ T6169]  ? trace_f2fs_writepages+0x7f/0x200
[  101.953355][ T6169]  ? f2fs_write_node_pages+0x478/0x6e0
[  101.953366][ T6169]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  101.953380][ T6169]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.953412][ T6169]  do_writepages+0x32e/0x550
[  101.953426][ T6169]  ? reacquire_held_locks+0x127/0x1d0
[  101.953434][ T6169]  ? writeback_sb_inodes+0x384/0x1010
[  101.953447][ T6169]  __writeback_single_inode+0x145/0xff0
[  101.953456][ T6169]  ? do_raw_spin_unlock+0x4d/0x240
[  101.953466][ T6169]  writeback_sb_inodes+0x6c7/0x1010
[  101.953487][ T6169]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  101.953515][ T6169]  ? rcu_is_watching+0x15/0xb0
[  101.953527][ T6169]  wb_writeback+0x43b/0xaf0
[  101.953540][ T6169]  ? queue_io+0x3d1/0x590
[  101.953549][ T6169]  ? __pfx_wb_writeback+0x10/0x10
[  101.953562][ T6169]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.953571][ T6169]  wb_workfn+0x409/0xef0
[  101.953586][ T6169]  ? __pfx_wb_workfn+0x10/0x10
[  101.953596][ T6169]  ? __lock_acquire+0xab9/0xd20
[  101.953610][ T6169]  ? process_scheduled_works+0x9ef/0x17b0
[  101.953620][ T6169]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.953627][ T6169]  ? process_scheduled_works+0x9ef/0x17b0
[  101.953632][ T6169]  ? process_scheduled_works+0x9ef/0x17b0
[  101.953640][ T6169]  process_scheduled_works+0xae1/0x17b0
[  101.953661][ T6169]  ? __pfx_process_scheduled_works+0x10/0x10
[  101.953680][ T6169]  worker_thread+0x8a0/0xda0
[  101.953700][ T6169]  kthread+0x711/0x8a0
[  101.953711][ T6169]  ? __pfx_worker_thread+0x10/0x10
[  101.953717][ T6169]  ? __pfx_kthread+0x10/0x10
[  101.953726][ T6169]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.953733][ T6169]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.953740][ T6169]  ? __pfx_kthread+0x10/0x10
[  101.953748][ T6169]  ret_from_fork+0x3fc/0x770
[  101.953757][ T6169]  ? __pfx_ret_from_fork+0x10/0x10
[  101.953767][ T6169]  ? __switch_to_asm+0x39/0x70
[  101.953774][ T6169]  ? __switch_to_asm+0x33/0x70
[  101.953782][ T6169]  ? __pfx_kthread+0x10/0x10
[  101.953790][ T6169]  ret_from_fork_asm+0x1a/0x30
[  101.953806][ T6169]  </TASK>
[  101.954434][ T6169] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  102.305048][ T7227] futex_wake_op: syz.1.435 tries to shift op by 32; fix this program
[  102.445189][ T7239] loop1: detected capacity change from 0 to 128
[  102.450360][ T7239] EXT4-fs: Ignoring removed nobh option
[  102.453454][ T7237] netlink: 28 bytes leftover after parsing attributes in process `syz.2.440'.
[  102.464080][ T7239] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  102.471574][ T7239] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.495374][ T7239] fscrypt (loop1, inode 12): Unsupported encryption modes (contents 0, filenames 0)
[  102.517491][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.531914][   T47] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  102.598671][ T7245] mkiss: ax0: crc mode is auto.
[  102.715431][   T47] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  102.721378][   T47] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  102.725693][   T47] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  102.736379][   T47] usb 1-1: config 1 has no interface number 0
[  102.739135][   T47] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  102.745175][   T47] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  102.751622][   T47] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  102.754440][   T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.767667][   T47] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  102.820028][ T7254] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.826528][ T7254] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.830792][ T7254] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.833685][ T7254] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.990648][   T47] snd_usb_pod 1-1:1.1: invalid control EP
[  103.000465][   T47] snd_usb_pod 1-1:1.1: cannot start listening: -22
[  103.007056][   T47] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  103.012242][   T47] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -22
[  103.107062][ T7265] loop2: detected capacity change from 0 to 1024
[  103.233572][   T47] usb 1-1: USB disconnect, device number 9
[  103.665126][  T976] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  103.826006][  T976] usb 3-1: Using ep0 maxpacket: 16
[  103.841205][  T976] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  103.844260][  T976] usb 3-1: config 0 has no interface number 0
[  103.846319][  T976] usb 3-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  103.851165][  T976] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  103.856815][  T976] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  103.863126][  T976] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  103.871553][  T976] usb 3-1: Product: syz
[  103.872994][  T976] usb 3-1: SerialNumber: syz
[  103.882414][  T976] usb 3-1: config 0 descriptor??
[  103.896267][  T976] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input7
[  104.102786][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.106947][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.109863][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.112316][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.114764][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.117044][    C1] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  104.120184][   T47] usb 3-1: USB disconnect, device number 9
[  104.133494][   T47] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  104.813725][ T7316] bond_slave_0: entered promiscuous mode
[  104.816040][ T7316] bond_slave_1: entered promiscuous mode
[  104.818707][ T7316] macvlan2: entered allmulticast mode
[  104.822567][ T7316] bond0: entered allmulticast mode
[  104.824628][ T7316] bond_slave_0: entered allmulticast mode
[  104.826934][ T7316] bond_slave_1: entered allmulticast mode
[  104.835189][ T7316] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  104.840113][ T7316] bridge0: port 3(macvlan2) entered blocking state
[  104.844812][ T7316] bridge0: port 3(macvlan2) entered disabled state
[  104.849405][ T7316] macvlan2: entered promiscuous mode
[  104.851328][ T7316] bond0: entered promiscuous mode
[  104.855057][ T7316] bridge0: port 3(macvlan2) entered blocking state
[  104.857540][ T7316] bridge0: port 3(macvlan2) entered forwarding state
[  104.914844][ T7321] syz_tun: entered allmulticast mode
[  104.921811][ T7320] syz_tun: left allmulticast mode
[  105.240317][ T7323] loop2: detected capacity change from 0 to 32768
[  105.250412][ T7323] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.477 (7323)
[  105.278729][ T7323] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  105.283796][ T7323] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  105.287497][ T7323] BTRFS info (device loop2): using free-space-tree
[  105.338546][ T7331] loop0: detected capacity change from 0 to 32768
[  105.363036][ T7331] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  105.375744][   T47] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  105.389063][   T33] audit: type=1800 audit(1755038751.058:19): pid=7323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.477" name="bus" dev="loop2" ino=263 res=0 errno=0
[  105.404573][ T7331] XFS (loop0): Ending clean mount
[  105.409533][ T7331] XFS (loop0): Quotacheck needed: Please wait.
[  105.431991][ T7331] XFS (loop0): Quotacheck: Done.
[  105.475613][ T5849] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  105.517173][ T5847] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  105.553527][   T47] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  105.559417][   T47] usb 2-1: New USB device found, idVendor=0471, idProduct=0303, bcdDevice=e5.df
[  105.562908][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.569120][   T47] usb 2-1: config 0 descriptor??
[  105.573363][   T47] pwc: Philips PCA646VC USB webcam detected.
[  105.762443][ T7360] loop0: detected capacity change from 0 to 1024
[  105.775087][ T7360] EXT4-fs: Ignoring removed nomblk_io_submit option
[  105.776609][ T7362] loop2: detected capacity change from 0 to 256
[  105.799748][   T47] pwc: send_video_command error -71
[  105.802006][   T47] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  105.816679][ T7360] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.941721][   T47] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[  105.950939][   T47] usb 2-1: USB disconnect, device number 8
[  105.981564][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.459887][ T7372] netlink: 'syz.1.487': attribute type 1 has an invalid length.
[  106.486917][ T7372] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.511998][ T7372] bond1: (slave ip6erspan0): making interface the new active one
[  106.518605][ T7372] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  106.881885][ T7388] random: crng reseeded on system resumption
[  107.021987][   T47] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  107.204430][   T47] usb 3-1: Using ep0 maxpacket: 8
[  107.210708][   T47] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  107.214240][   T47] usb 3-1: config 0 has no interface number 0
[  107.217437][   T47] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  107.222149][   T47] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  107.228081][   T47] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  107.233023][   T47] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  107.244241][   T47] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  107.251849][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.262558][   T47] usb 3-1: config 0 descriptor??
[  107.305406][   T47] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  107.616459][   T47] usb 3-1: USB disconnect, device number 10
[  107.618587][    C1] ldusb 3-1:0.55: usb_submit_urb failed (-19)
[  107.625225][ T7383] ldusb 3-1:0.55: Couldn't submit interrupt_out_urb -19
[  107.700946][   T47] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  108.101941][ T7397] loop1: detected capacity change from 0 to 32768
[  108.106271][ T7397] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.496 (7397)
[  108.115636][ T7397] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  108.119164][ T7397] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  108.121961][ T7397] BTRFS info (device loop1): using free-space-tree
[  108.185530][ T5842] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  108.650283][ T7440] loop2: detected capacity change from 0 to 64
[  108.673890][ T7434] loop0: detected capacity change from 0 to 4096
[  108.680324][ T7434] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  108.787039][ T7434] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  109.658719][ T7446] loop0: detected capacity change from 0 to 32768
[  109.659277][    T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  109.675141][ T7446] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  109.675141][ T7446] clean (size 2912):
[  109.675141][ T7446] flags:          0
[  109.675141][ T7446] journal_seq:    10
[  109.675141][ T7446] write_buffer_keys: btree=inodes level=0 u64s 8 type deleted 0:21474836481:0 len 0 ver 562954248388608: 
[  109.675141][ T7446] usage: type=key_version v=0
[  109.675141][ T7446] usage: type=reserved v=0
[  109.675141][ T7446] usage: type=reserved v=0
[  109.675141][ T7446] usage: type=reserved v=0
[  109.675141][ T7446] usage: type=reserved v=0
[  109.675141][ T7446] data_usage: btree: 1/1 [0]=2816
[  109.675141][ T7446] data_usage: journal: 1/1 [0]=0
[  109.675141][ T7446] data_usage: user: 1/1 [0]=16
[  109.675141][ T7446] dev_usage: dev=0  
[  109.675141][ T7446]   free: buckets=83 sectors=0 fragmented=0
[  109.675141][ T7446]   sb: buckets=25 sectors=6152 fragmented=248
[  109.675141][ T7446]   journal: buckets=8 sectors=2048 fragmented=0
[  109.675141][ T7446]   btree: buckets=11 sectors=2816 fragmented=0
[  109.675141][ T7446]   user: buckets=1 sectors=16 fragmented=240
[  109.675141][ T7446]   cached: buckets=0 sectors=0 fragmented=0
[  109.675141][ T7446]   parity: buckets=0 sectors=0 fragmented=0
[  109.675141][ T7446]   stripe: buckets=0 sectors=0 fragmented=0
[  109.675141][ T7446]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  109.675141][ T7446]   need_discard: buckets=0 sectors=0 fragmented=0
[  109.675141][ T7446] clock: read=0
[  109.675141][ T7446] clock:
[  109.675264][ T7446] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  110.210973][ T7454] loop2: detected capacity change from 0 to 131072
[  110.214305][ T7454] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  110.216923][ T7454] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  110.224921][ T7454] F2FS-fs (loop2): invalid crc value
[  110.258919][    T9] usb 2-1: Using ep0 maxpacket: 8
[  110.263107][ T7454] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  110.269739][ T7454] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  110.273185][ T7454] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  110.285495][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  110.289116][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.300479][    T9] pvrusb2: Hardware description: Terratec Grabster AV400
[  110.303576][    T9] pvrusb2: **********
[  110.306116][    T9] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  110.309905][    T9] pvrusb2: Important functionality might not be entirely working.
[  110.312463][    T9] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  110.316390][    T9] pvrusb2: **********
[  110.519657][ T2399] pvrusb2: Invalid write control endpoint
[  110.562856][ T2399] pvrusb2: Invalid write control endpoint
[  110.564998][ T2399] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  110.568010][ T2399] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  110.582501][ T2399] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  110.594589][ T2399] pvrusb2: Device being rendered inoperable
[  110.604418][ T2399] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  110.606981][ T2399] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  110.620188][ T2399] pvrusb2: Attached sub-driver cx25840
[  110.622940][ T2399] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  110.626816][ T2399] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  110.689197][   T24] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  110.740945][ T5879] usb 2-1: USB disconnect, device number 9
[  110.808349][ T7475] loop2: detected capacity change from 0 to 128
[  110.850222][   T24] usb 1-1: Using ep0 maxpacket: 32
[  110.861113][   T24] usb 1-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  110.865496][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.876970][   T24] usb 1-1: config 0 descriptor??
[  110.899640][   T24] as10x_usb: device has been detected
[  110.918465][   T24] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  110.919750][ T7481] sg_write: process 406 (syz.2.526) changed security contexts after opening file descriptor, this is not allowed.
[  110.940338][   T24] usb 1-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  110.981202][   T24] as10x_usb: error during firmware upload part1
[  110.984380][   T24] Registered device nBox DVB-T Dongle
[  111.100120][ T5879] usb 1-1: USB disconnect, device number 10
[  111.118845][ T5879] Unregistered device nBox DVB-T Dongle
[  111.120174][ T5879] as10x_usb: device has been disconnected
[  112.495599][ T5879] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  112.690697][ T5879] usb 3-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  112.695011][ T5879] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  112.698736][ T5879] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  112.703392][ T5879] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  112.707401][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.718592][ T7501] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  113.233701][ T5879] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  113.244221][ T5879] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input8
[  113.298217][ T5879] usb 3-1: USB disconnect, device number 11
[  113.298309][    C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  113.383536][ T7513] loop1: detected capacity change from 0 to 512
[  113.386999][ T7513] EXT4-fs: Ignoring removed i_version option
[  113.402885][ T7513] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.453933][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.494126][ T7517] sctp: [Deprecated]: syz.1.539 (pid 7517) Use of struct sctp_assoc_value in delayed_ack socket option.
[  113.494126][ T7517] Use struct sctp_sack_info instead
[  113.582118][ T7521] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  113.923500][ T7543] netlink: 4 bytes leftover after parsing attributes in process `syz.2.552'.
[  114.233769][ T7555] loop2: detected capacity change from 0 to 32768
[  114.248210][ T7555] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.558 (7555)
[  114.269058][ T7552] loop0: detected capacity change from 0 to 32768
[  114.272616][ T7555] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  114.276358][ T7555] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  114.279533][ T7555] BTRFS info (device loop2): using free-space-tree
[  114.289746][ T7552] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section errors: entries out of order
[  114.289746][ T7552] errors (size 64):
[  114.289746][ T7552] (unknown error 63098)           98139432299383  16981954538416098692
[  114.289746][ T7552] backpointer_to_missing_ptr      0               34376515584
[  114.289746][ T7552] (unknown error 62899)           26163           1611530240
[  114.289746][ T7552] 
[  114.306361][ T7552] bcachefs: bch2_fs_get_tree() error: invalid_sb_errors
[  114.372996][ T7567] loop0: detected capacity change from 0 to 256
[  114.394666][ T7567] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  114.422845][ T7567] exFAT-fs (loop0): start_clu is invalid cluster(0x0)
[  114.550705][ T5847] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  115.083207][ T7597] netlink: 4 bytes leftover after parsing attributes in process `syz.2.570'.
[  115.493760][ T7613] loop1: detected capacity change from 0 to 32768
[  115.544968][   T54] Bluetooth: hci3: sending frame failed (-49)
[  115.548634][ T5844] Bluetooth: hci3: Opcode 0x1003 failed: -49
[  115.567116][ T7613] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  115.595203][ T7613] XFS (loop1): Ending clean mount
[  115.604161][ T7613] XFS (loop1): Quotacheck needed: Please wait.
[  115.641863][ T7613] XFS (loop1): Quotacheck: Done.
[  115.829012][ T5842] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  116.029403][ T7633] loop1: detected capacity change from 0 to 1024
[  116.032982][ T7633] EXT4-fs: Ignoring removed orlov option
[  116.050287][ T7633] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  116.074463][ T7633] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.136221][ T7640] veth1_macvtap: left promiscuous mode
[  116.138251][ T7640] macsec0: entered promiscuous mode
[  116.140093][ T7640] macsec0: entered allmulticast mode
[  116.145043][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.160484][ T7640] veth1_macvtap: entered promiscuous mode
[  116.164704][ T7640] veth1_macvtap: entered allmulticast mode
[  116.168817][ T7640] macsec0: left promiscuous mode
[  116.170770][ T7640] macsec0: left allmulticast mode
[  116.185407][ T7640] veth1_macvtap: left allmulticast mode
[  116.266470][ T7646] netlink: 56 bytes leftover after parsing attributes in process `syz.0.586'.
[  116.270765][ T7646] netlink: 24 bytes leftover after parsing attributes in process `syz.0.586'.
[  116.378928][ T7656] loop1: detected capacity change from 0 to 512
[  116.382509][ T7656] EXT4-fs: Ignoring removed oldalloc option
[  116.427988][ T7656] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.591: Parent and EA inode have the same ino 15
[  116.450144][ T7656] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.591: Parent and EA inode have the same ino 15
[  116.458141][ T7656] EXT4-fs (loop1): 1 orphan inode deleted
[  116.461237][ T7656] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.488556][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.643923][ T7672] loop1: detected capacity change from 0 to 512
[  116.646796][ T7664] loop0: detected capacity change from 0 to 8192
[  116.652912][ T7672] EXT4-fs (loop1): Test dummy encryption mode enabled
[  116.664266][ T7672] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  116.708771][ T7672] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.598: bad orphan inode 131083
[  116.714908][ T7672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.855637][ T7672] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  117.002646][ T7672] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  117.037980][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.061924][   T24] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  117.231801][   T24] usb 1-1: Using ep0 maxpacket: 16
[  117.239229][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[  117.242389][   T24] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  117.245713][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.259006][   T24] usb 1-1: config 0 descriptor??
[  117.462789][ T7691] loop2: detected capacity change from 0 to 32768
[  117.478062][ T7691] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.602 (7691)
[  117.517235][ T7691] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.521987][ T7691] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  117.525092][ T7691] BTRFS info (device loop2): disk space caching is enabled
[  117.534019][ T7691] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  117.724513][   T24] hid (null): global environment stack underflow
[  117.726832][   T24] hid (null): global environment stack underflow
[  117.737132][   T24] hid (null): report_id 3899690137 is invalid
[  117.740737][   T24] hid (null): report_id 1862125167 is invalid
[  117.752083][ T7691] BTRFS info (device loop2): rebuilding free space tree
[  117.805238][ T7691] BTRFS info (device loop2): disabling free space tree
[  117.812349][ T7691] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  117.822357][ T7691] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  118.036866][ T5847] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  118.047877][   T24] usb 1-1: USB disconnect, device number 11
[  118.644582][ T7715] loop2: detected capacity change from 0 to 32768
[  118.653497][ T7715] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.605 (7715)
[  118.710790][ T7715] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  118.715346][ T7715] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  118.727180][ T7717] netlink: 28 bytes leftover after parsing attributes in process `syz.0.606'.
[  118.733151][ T7717] netlink: 28 bytes leftover after parsing attributes in process `syz.0.606'.
[  118.744914][ T7715] BTRFS info (device loop2): using free-space-tree
[  118.987107][ T5847] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  119.353062][ T7735] loop0: detected capacity change from 0 to 32768
[  119.357255][ T7735] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.608 (7735)
[  119.478104][ T7735] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  119.483025][ T7735] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  119.489938][ T7735] BTRFS info (device loop0): using free-space-tree
[  119.834162][   T33] audit: type=1800 audit(1755038764.575:20): pid=7735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.608" name="file1" dev="loop0" ino=260 res=0 errno=0
[  119.922025][ T5849] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  120.245135][    C1] ata1: illegal qc_active transition (00000000->00000020)
[  120.270141][ T7785] netlink: 'syz.1.622': attribute type 2 has an invalid length.
[  120.273858][ T7785] netlink: 'syz.1.622': attribute type 1 has an invalid length.
[  120.523672][ T7797] netlink: 16 bytes leftover after parsing attributes in process `syz.2.628'.
[  120.579577][ T7797] bond0: entered promiscuous mode
[  120.581949][ T7797] bond_slave_0: entered promiscuous mode
[  120.586514][ T7797] bond_slave_1: entered promiscuous mode
[  120.610478][ T7797] bond0: left promiscuous mode
[  120.616142][ T7797] bond_slave_0: left promiscuous mode
[  120.624778][ T7797] bond_slave_1: left promiscuous mode
[  120.698987][ T1061] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[  120.719161][ T1061] ata1.00: configured for UDMA/100
[  121.265701][ T7816] loop0: detected capacity change from 0 to 32768
[  121.283350][ T7816] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.636 (7816)
[  121.306110][ T7816] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  121.309541][ T7816] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  121.312634][ T7816] BTRFS info (device loop0): using free-space-tree
[  121.410897][ T7852] netlink: 20 bytes leftover after parsing attributes in process `syz.2.648'.
[  121.485427][ T5849] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  121.794746][ T7871] input: syz1 as /devices/virtual/input/input9
[  121.802704][ T7871] input: failed to attach handler leds to device input9, error: -6
[  121.874998][ T7877] loop2: detected capacity change from 0 to 1024
[  121.936604][ T6207] hfsplus: b-tree write err: -5, ino 8
[  122.082143][ T7886] loop2: detected capacity change from 0 to 4096
[  123.157934][ T7902] openvswitch: netlink: EtherType 0 is less than min 600
[  123.266874][ T7910] netlink: 'syz.0.672': attribute type 6 has an invalid length.
[  123.416502][ T7923] loop2: detected capacity change from 0 to 1024
[  123.452783][ T6122] hfsplus: b-tree write err: -5, ino 4
[  123.615669][ T7940] loop1: detected capacity change from 0 to 64
[  123.888032][ T7955] netlink: 'syz.2.693': attribute type 2 has an invalid length.
[  123.909404][   T47] kernel write not supported for file /amidi2 (pid: 47 comm: kworker/1:1)
[  123.946279][ T5836] usb 1-1: new low-speed USB device number 12 using dummy_hcd
[  124.080288][ T7966] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.697'.
[  124.112396][ T5836] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[  124.128427][ T5836] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[  124.165986][ T5836] usb 1-1: string descriptor 0 read error: -22
[  124.168912][ T5836] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.199139][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.476188][ T5836] cdc_ncm 1-1:1.0: bind() failure
[  124.500784][ T5836] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  124.513432][ T5836] cdc_ncm 1-1:1.1: bind() failure
[  124.547811][ T5836] usb 1-1: USB disconnect, device number 12
[  125.212345][ T7983] netlink: 'syz.0.702': attribute type 2 has an invalid length.
[  125.215018][ T7983] netlink: 'syz.0.702': attribute type 8 has an invalid length.
[  125.218358][ T7983] netlink: 132 bytes leftover after parsing attributes in process `syz.0.702'.
[  125.351004][ T7989] loop0: detected capacity change from 0 to 1024
[  125.387017][ T7989] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.419646][   T33] audit: type=1800 audit(1755038769.794:21): pid=7989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.705" name="file2" dev="loop0" ino=16 res=0 errno=0
[  125.508110][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.755311][ T8013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.716'.
[  125.787487][ T8015] netlink: 8 bytes leftover after parsing attributes in process `syz.1.715'.
[  125.791177][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.1.715'.
[  125.796066][ T8015] netlink: 'syz.1.715': attribute type 14 has an invalid length.
[  125.798854][ T8015] netlink: 'syz.1.715': attribute type 11 has an invalid length.
[  126.669315][ T8021] loop1: detected capacity change from 0 to 131072
[  126.673995][ T8021] F2FS-fs (loop1): Test dummy encryption mode enabled
[  126.678898][ T8021] F2FS-fs (loop1): invalid crc value
[  126.744338][ T8021] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  126.757747][ T8021] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  126.871910][ T8046] netlink: 20 bytes leftover after parsing attributes in process `syz.0.729'.
[  127.321797][ T8064] loop0: detected capacity change from 0 to 164
[  127.353057][ T8064] Unable to read rock-ridge attributes
[  127.367316][ T8064] Unable to read rock-ridge attributes
[  127.384181][ T8070] netlink: 8 bytes leftover after parsing attributes in process `syz.1.728'.
[  127.388032][ T8070] netlink: 'syz.1.728': attribute type 5 has an invalid length.
[  127.390826][ T8070] netlink: 20 bytes leftover after parsing attributes in process `syz.1.728'.
[  127.397174][ T8070] geneve2: entered promiscuous mode
[  127.400684][ T8070] geneve2: entered allmulticast mode
[  127.404827][ T5871] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  127.413540][ T5871] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  127.418367][ T5871] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  127.425348][ T5871] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  127.654920][   T24] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  127.724387][ T8082] loop0: detected capacity change from 0 to 256
[  127.736447][ T8082] exfat: Deprecated parameter 'utf8'
[  127.799346][ T8082] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdd33351c, utbl_chksum : 0xe619d30d)
[  127.816441][   T24] usb 3-1: Using ep0 maxpacket: 16
[  127.833945][   T24] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[  127.847987][   T24] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  127.866770][   T24] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  127.871883][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.874949][   T24] usb 3-1: Product: syz
[  127.876592][   T24] usb 3-1: Manufacturer: syz
[  127.878266][   T24] usb 3-1: SerialNumber: syz
[  128.144045][   T24] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  128.163104][   T24] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  128.408190][   T24] usb 3-1: USB disconnect, device number 12
[  128.658060][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  130.013421][ T8087] loop1: detected capacity change from 0 to 65536
[  130.045702][ T8087] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  130.085658][ T8087] XFS (loop1): Ending clean mount
[  130.089341][ T8087] XFS (loop1): Quotacheck needed: Please wait.
[  130.105847][ T8101] loop0: detected capacity change from 0 to 128
[  130.112055][ T8101] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  130.120424][ T8101] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  130.153388][ T8087] XFS (loop1): Quotacheck: Done.
[  130.515567][ T5842] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  130.541699][   T33] audit: type=1326 audit(1755038774.378:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.560461][   T33] audit: type=1326 audit(1755038774.387:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.568582][   T33] audit: type=1326 audit(1755038774.387:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.583425][   T33] audit: type=1326 audit(1755038774.387:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.590855][   T33] audit: type=1326 audit(1755038774.387:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.605904][   T33] audit: type=1326 audit(1755038774.387:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.625906][   T33] audit: type=1326 audit(1755038774.387:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.660792][ T8105] loop0: detected capacity change from 0 to 40427
[  130.665599][ T8105] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  130.669026][ T8105] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  130.673035][   T33] audit: type=1326 audit(1755038774.387:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.673974][ T8105] F2FS-fs (loop0): invalid crc value
[  130.722773][   T33] audit: type=1326 audit(1755038774.387:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.729026][ T8105] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  130.748998][ T8105] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  130.752069][ T8105] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  130.794988][   T33] audit: type=1326 audit(1755038774.387:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.825157][   T33] audit: type=1326 audit(1755038774.387:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.861785][   T33] audit: type=1326 audit(1755038774.387:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.876976][   T33] audit: type=1326 audit(1755038774.387:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.888490][   T33] audit: type=1326 audit(1755038774.387:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.897969][   T33] audit: type=1326 audit(1755038774.387:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.908624][   T33] audit: type=1326 audit(1755038774.387:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.922911][   T33] audit: type=1326 audit(1755038774.397:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.932065][   T33] audit: type=1326 audit(1755038774.397:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  130.948512][   T33] audit: type=1326 audit(1755038774.397:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  131.412019][ T8119] loop1: detected capacity change from 0 to 32768
[  131.506854][ T8119] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,read_only,reconstruct_alloc
[  131.506873][ T8119]   allowing incompatible features above 0.0: (unknown version)
[  131.506882][ T8119]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  131.523550][ T8119] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  131.526864][ T8119] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  131.529825][ T8119] bcachefs (loop1): Version upgrade required:
[  131.529825][ T8119] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  131.529825][ T8119] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  131.529825][ T8119]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  131.555760][ T8119] bcachefs (loop1): dropping and reconstructing all alloc info
[  131.564864][ T8136] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  131.570510][ T8136] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  131.573666][ T8119] bcachefs (loop1): accounting_read... done
[  131.585891][ T8119] bcachefs (loop1): alloc_read... done
[  131.593331][ T8119] bcachefs (loop1): done starting filesystem
[  131.676411][ T5842] bcachefs (loop1): shutting down
[  131.725846][ T5842] bcachefs (loop1): shutdown complete
[  131.826687][ T8149] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  132.293482][ T8158] loop2: detected capacity change from 0 to 256
[  132.301714][ T8158] exfat: Deprecated parameter 'namecase'
[  132.312288][ T8158] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  132.745370][ T8169] loop0: detected capacity change from 0 to 4096
[  132.782521][ T8170] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  132.962443][ T8172] _Z`Ԁ@: entered promiscuous mode
[  133.330659][ T8178] loop1: detected capacity change from 0 to 64
[  133.737396][ T8189] loop2: detected capacity change from 0 to 256
[  133.746519][ T8189] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d)
[  133.755027][ T8191] syz.0.783: attempt to access beyond end of device
[  133.755027][ T8191] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  133.812596][   T24] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  133.816817][ T8195] trusted_key: encrypted_key: key trusted:syz not found
[  133.984574][   T24] usb 2-1: Using ep0 maxpacket: 32
[  133.994213][   T24] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  133.998328][   T24] usb 2-1: config 0 has no interface number 0
[  134.000964][   T24] usb 2-1: config 0 interface 184 has no altsetting 0
[  134.007838][   T24] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  134.011587][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.021628][   T24] usb 2-1: Product: syz
[  134.023206][   T24] usb 2-1: Manufacturer: syz
[  134.024746][   T24] usb 2-1: SerialNumber: syz
[  134.031604][   T24] usb 2-1: config 0 descriptor??
[  134.036607][   T24] smsc75xx v1.0.0
[  134.397858][ T5836] kernel read not supported for file /dsp (pid: 5836 comm: kworker/0:3)
[  134.785478][ T5836] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  134.947640][ T5836] usb 1-1: Using ep0 maxpacket: 16
[  134.961473][ T5836] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  134.966682][ T5836] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  134.972568][ T5836] usb 1-1: New USB device found, idVendor=0458, idProduct=500f, bcdDevice= 0.00
[  134.976972][ T5836] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.991204][ T5836] usb 1-1: config 0 descriptor??
[  135.315436][ T8216] loop2: detected capacity change from 0 to 4096
[  135.322794][ T8216] EXT4-fs: Conflicting test_dummy_encryption options
[  135.352186][   T24] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  135.361348][   T24] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  135.367966][   T24] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  135.374769][   T24] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  135.381898][   T24] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  135.388795][   T24] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  135.393540][   T24] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  135.401978][   T24] usb 2-1: USB disconnect, device number 10
[  135.442034][ T5836] kye 0003:0458:500F.0005: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  135.456585][ T5836] kye 0003:0458:500F.0005: item fetching failed at offset 4/5
[  135.461154][ T5836] kye 0003:0458:500F.0005: parse failed
[  135.463569][ T5836] kye 0003:0458:500F.0005: probe with driver kye failed with error -22
[  135.660040][   T24] usb 1-1: USB disconnect, device number 13
[  135.747724][ T5836] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  135.908027][ T5836] usb 3-1: Using ep0 maxpacket: 32
[  135.930761][ T5836] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  135.934309][ T5836] usb 3-1: config 0 has no interface number 0
[  135.946018][ T5836] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  135.949711][ T5836] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.965341][ T5836] usb 3-1: Product: syz
[  135.967192][ T5836] usb 3-1: Manufacturer: syz
[  135.969169][ T5836] usb 3-1: SerialNumber: syz
[  135.985085][ T5836] usb 3-1: config 0 descriptor??
[  135.995460][ T5836] smsc95xx v2.0.0
[  136.354493][   T33] kauditd_printk_skb: 25 callbacks suppressed
[  136.354508][   T33] audit: type=1326 audit(1755038780.018:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8239 comm="syz.0.806" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  136.387456][   T33] audit: type=1326 audit(1755038780.037:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8239 comm="syz.0.806" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  136.413087][   T33] audit: type=1326 audit(1755038780.037:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8239 comm="syz.0.806" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  136.424038][   T33] audit: type=1326 audit(1755038780.037:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8239 comm="syz.0.806" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  136.439133][   T33] audit: type=1326 audit(1755038780.037:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8239 comm="syz.0.806" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  136.449494][   T33] audit: type=1326 audit(1755038780.037:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8239 comm="syz.0.806" exe="/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  136.458959][   T33] audit: type=1326 audit(1755038780.037:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8239 comm="syz.0.806" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f5118ebe9 code=0x7ffc0000
[  136.528437][ T8244] loop1: detected capacity change from 0 to 128
[  136.535670][ T8244] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  136.588310][ T8244] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  136.595620][ T8244] ext2 filesystem being mounted at /275/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  136.684646][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  136.798056][ T8242] loop0: detected capacity change from 0 to 32768
[  136.802328][ T8242] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.807 (8242)
[  136.819937][ T8242] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  136.831903][ T8242] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  136.840550][ T8242] BTRFS info (device loop0): using free-space-tree
[  136.895288][ T1366] ieee802154 phy0 wpan0: encryption failed: -22
[  136.898133][ T1366] ieee802154 phy1 wpan1: encryption failed: -22
[  136.973660][ T8268] loop1: detected capacity change from 0 to 128
[  137.007785][ T5849] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  137.084732][ T5836] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  137.094852][ T5836] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  137.116422][ T5836] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  137.121368][ T5836] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  137.158135][ T5836] usb 3-1: USB disconnect, device number 13
[  137.369111][ T5836] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  137.379271][ T5836] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  137.542456][ T8282] hid-generic 0000:0000:0000.0006: pid 8282 passed too short report
[  137.730289][ T8293] loop2: detected capacity change from 0 to 1024
[  138.054811][ T8313] loop2: detected capacity change from 0 to 128
[  138.346868][ T8333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.840'.
[  138.755894][ T8348] loop1: detected capacity change from 0 to 32768
[  138.761775][ T8348] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.846 (8348)
[  138.795164][ T8350] loop2: detected capacity change from 0 to 40427
[  138.798766][ T8350] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  138.801022][ T8350] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  138.803882][ T8350] F2FS-fs (loop2): build fault injection rate: 17008
[  138.806206][ T8350] F2FS-fs (loop2): build fault injection type: 0x1f8
[  138.822829][ T8350] F2FS-fs (loop2): invalid crc value
[  138.857421][ T8350] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  138.862715][ T8348] BTRFS info (device loop1 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.864401][ T8350] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  138.870222][ T8350] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  138.874209][ T8348] BTRFS info (device loop1 state S): using crc32c (crc32c-lib) checksum algorithm
[  138.877794][ T8348] BTRFS info (device loop1 state S): using free-space-tree
[  138.896102][ T8350] syz.2.847: attempt to access beyond end of device
[  138.896102][ T8350] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.904018][ T8350] CPU: 0 UID: 0 PID: 8350 Comm: syz.2.847 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  138.904045][ T8350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  138.904054][ T8350] Call Trace:
[  138.904062][ T8350]  <TASK>
[  138.904069][ T8350]  dump_stack_lvl+0x189/0x250
[  138.904095][ T8350]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.904110][ T8350]  ? __pfx_queue_work_on+0x10/0x10
[  138.904123][ T8350]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  138.904138][ T8350]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  138.904158][ T8350]  f2fs_handle_critical_error+0x37c/0x540
[  138.904181][ T8350]  f2fs_write_end_io+0x886/0xb60
[  138.904212][ T8350]  __submit_merged_bio+0x27a/0x6a0
[  138.904258][ T8350]  __submit_merged_write_cond+0x255/0x530
[  138.904273][ T8350]  f2fs_write_data_pages+0x261d/0x3000
[  138.904297][ T8350]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.904333][ T8350]  ? check_path+0x21/0x40
[  138.904344][ T8350]  ? check_noncircular+0xe0/0x160
[  138.904390][ T8350]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.904406][ T8350]  do_writepages+0x32e/0x550
[  138.904422][ T8350]  ? do_raw_spin_unlock+0x4d/0x240
[  138.904432][ T8350]  filemap_fdatawrite+0x199/0x240
[  138.904445][ T8350]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  138.904493][ T8350]  ? do_raw_spin_unlock+0x4d/0x240
[  138.904509][ T8350]  f2fs_sync_dirty_inodes+0x31f/0x830
[  138.904529][ T8350]  f2fs_write_checkpoint+0x95a/0x1df0
[  138.904548][ T8350]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  138.904595][ T8350]  ? down_write+0x162/0x1f0
[  138.904612][ T8350]  ? __pfx_down_write+0x10/0x10
[  138.904635][ T8350]  f2fs_issue_checkpoint+0x3ac/0x570
[  138.904656][ T8350]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  138.904680][ T8350]  ? do_raw_spin_lock+0x121/0x290
[  138.904702][ T8350]  ? __pfx_wake_up_var+0x10/0x10
[  138.904726][ T8350]  ? f2fs_sync_fs+0x200/0x3d0
[  138.904741][ T8350]  f2fs_create+0x44b/0x5c0
[  138.904764][ T8350]  vfs_create+0x24e/0x400
[  138.904783][ T8350]  do_mknodat+0x3c6/0x4d0
[  138.904800][ T8350]  ? __pfx_do_mknodat+0x10/0x10
[  138.904814][ T8350]  ? getname_flags+0x1e5/0x540
[  138.904828][ T8350]  __x64_sys_mknodat+0xa7/0xc0
[  138.904844][ T8350]  do_syscall_64+0xfa/0x3b0
[  138.904857][ T8350]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.904868][ T8350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.904879][ T8350]  ? exc_page_fault+0x9f/0xf0
[  138.904893][ T8350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.904904][ T8350] RIP: 0033:0x7f9ea3d8ebe9
[  138.904917][ T8350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.904926][ T8350] RSP: 002b:00007f9ea4b8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  138.904941][ T8350] RAX: ffffffffffffffda RBX: 00007f9ea3fb5fa0 RCX: 00007f9ea3d8ebe9
[  138.904949][ T8350] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000005
[  138.904958][ T8350] RBP: 00007f9ea3e11e19 R08: 0000000000000000 R09: 0000000000000000
[  138.904965][ T8350] R10: 0000000000000704 R11: 0000000000000246 R12: 0000000000000000
[  138.904973][ T8350] R13: 00007f9ea3fb6038 R14: 00007f9ea3fb5fa0 R15: 00007fff2ab1af28
[  138.904993][ T8350]  </TASK>
[  138.904999][ T8350] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  139.048287][ T6207] BTRFS warning (device loop1 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xf6479a7e level 0, ignored
[  139.116203][ T6212] BTRFS warning (device loop1 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xcd9414ca level 0, ignored
[  139.148371][ T6212] BTRFS warning (device loop1 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x28b693f7 level 0, ignored
[  139.170292][ T8348] BTRFS error (device loop1 state CS): failed to load root free space
[  139.197302][ T6212] BTRFS warning (device loop1 state CS): checksum verify failed on logical 5267456 mirror 1 wanted 0x22fa3277 found 0x0d9b21b0 level 0, ignored
[  139.304854][ T5842] BTRFS info (device loop1 state CS): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  139.671329][ T5836] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  139.834866][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.839461][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.844600][ T5836] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  139.849039][ T5836] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.860956][ T5836] usb 3-1: config 0 descriptor??
[  140.001542][ T8414] netlink: 8 bytes leftover after parsing attributes in process `syz.1.866'.
[  140.007929][ T8414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.866'.
[  140.015310][ T8414] netlink: 8 bytes leftover after parsing attributes in process `syz.1.866'.
[  140.019556][ T8414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.866'.
[  140.094121][ T8421] loop1: detected capacity change from 0 to 256
[  140.098013][ T8421] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  140.154848][ T8424] program syz.1.870 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  140.259825][ T8431] loop0: detected capacity change from 0 to 1024
[  140.288755][ T6122] hfsplus: b-tree write err: -5, ino 4
[  140.310807][ T5836] hid-steam 0003:28DE:1142.0007: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  140.376733][ T5836] hid-steam 0003:28DE:1142.0007: Steam wireless receiver connected
[  140.394490][ T5836] hid-steam 0003:28DE:1142.0008: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  140.603775][ T8445] netlink: 'syz.0.879': attribute type 4 has an invalid length.
[  140.606284][ T8445] netlink: 32 bytes leftover after parsing attributes in process `syz.0.879'.
[  140.738145][ T8456] loop0: detected capacity change from 0 to 64
[  140.816553][ T8460] loop0: detected capacity change from 0 to 128
[  140.829256][ T8460] EXT4-fs (loop0): Test dummy encryption mode enabled
[  140.837076][ T8460] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.841551][ T8460] ext4 filesystem being mounted at /293/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.867955][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.960288][ T8467] loop0: detected capacity change from 0 to 512
[  141.555356][ T8472] loop1: detected capacity change from 0 to 1024
[  141.730166][   T33] audit: type=1800 audit(1755038785.051:73): pid=8472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.890" name="bus" dev="loop1" ino=26 res=0 errno=0
[  141.858181][ T6225] hfsplus: b-tree write err: -5, ino 4
[  142.238406][ T8480] netlink: 'syz.2.893': attribute type 14 has an invalid length.
[  142.396268][ T5836] usb 3-1: USB disconnect, device number 14
[  142.442004][ T5836] hid-steam 0003:28DE:1142.0007: Steam wireless receiver disconnected
[  142.560075][ T8491] netlink: 212388 bytes leftover after parsing attributes in process `syz.2.897'.
[  142.563864][ T8491] openvswitch: netlink: Message has 5 unknown bytes.
[  142.631745][ T8494] loop0: detected capacity change from 0 to 128
[  142.733757][ T8499] loop2: detected capacity change from 0 to 4096
[  142.813975][ T8501] loop0: detected capacity change from 0 to 4096
[  142.969410][ T8503] loop2: detected capacity change from 0 to 64
[  143.011147][ T8497] loop1: detected capacity change from 0 to 32768
[  143.042959][ T8497] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.064365][ T8514] loop0: detected capacity change from 0 to 1024
[  143.138082][ T8497] XFS (loop1): Ending clean mount
[  143.154080][ T8497] XFS (loop1): Quotacheck needed: Please wait.
[  143.192717][ T8497] XFS (loop1): Quotacheck: Done.
[  143.247502][ T5842] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.689150][ T8534] loop1: detected capacity change from 0 to 128
[  143.827381][ T8534] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.833203][ T8534] ext4 filesystem being mounted at /303/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  143.843571][ T8534] __find_get_block_slow() failed. block=144115188075855873, b_blocknr=0, b_state=0x00000019, b_size=1024, device loop1 blocksize: 1024
[  143.849646][ T8534] grow_buffers: requested out-of-range block 144115188075855873 for device loop1
[  143.853186][ T8534] EXT4-fs warning (device loop1): ext4_resize_fs:2019: can't read last block, resize aborted
[  143.876200][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  144.038018][ T8543] RDS: rds_bind could not find a transport for 0:0:4::1, load rds_tcp or rds_rdma?
[  144.048995][ T8545] netlink: 72 bytes leftover after parsing attributes in process `syz.1.917'.
[  144.149666][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.922'.
[  144.176468][ T8555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.923'.
[  144.236929][ T8559] syz.2.926: attempt to access beyond end of device
[  144.236929][ T8559] loop2: rw=0, sector=16, nr_sectors = 2 limit=0
[  144.275577][ T8563] netlink: 68 bytes leftover after parsing attributes in process `syz.2.927'.
[  144.298532][ T8563] netlink: 12 bytes leftover after parsing attributes in process `syz.2.927'.
[  144.349467][   T33] audit: type=1326 audit(1755038787.492:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.364917][   T33] audit: type=1326 audit(1755038787.492:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.378337][   T33] audit: type=1326 audit(1755038787.492:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.398578][   T33] audit: type=1326 audit(1755038787.492:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.415048][   T33] audit: type=1326 audit(1755038787.492:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.428507][   T33] audit: type=1326 audit(1755038787.492:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.444497][   T33] audit: type=1326 audit(1755038787.492:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.452809][   T33] audit: type=1326 audit(1755038787.492:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.457022][ T8573] netlink: 24 bytes leftover after parsing attributes in process `syz.2.932'.
[  144.460244][   T33] audit: type=1326 audit(1755038787.492:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  144.794954][ T8581] loop2: detected capacity change from 0 to 256
[  144.818233][ T8581] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  144.822958][ T8581] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  144.856967][ T8581] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  146.217497][ T8597] loop2: detected capacity change from 0 to 512
[  146.240864][ T8597] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.937: iget: bad extended attribute block 1
[  146.245591][ T8597] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.937: couldn't read orphan inode 15 (err -117)
[  146.250752][ T8597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.297501][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.539441][ T5844] Bluetooth: hci1: link tx timeout
[  146.542337][ T5844] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  146.550917][   T54] Bluetooth: hci1: link tx timeout
[  146.552941][   T54] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  146.736931][ T8634] netlink: 248 bytes leftover after parsing attributes in process `syz.0.947'.
[  147.270925][   T33] kauditd_printk_skb: 3770 callbacks suppressed
[  147.270936][   T33] audit: type=1326 audit(142.247:3853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.160349][   T33] audit: type=1326 audit(142.294:3854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.177269][   T33] audit: type=1326 audit(142.294:3855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.199754][   T33] audit: type=1326 audit(142.294:3856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.206929][   T33] audit: type=1326 audit(142.294:3857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.213885][   T33] audit: type=1326 audit(142.294:3858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.220658][   T33] audit: type=1326 audit(142.294:3859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.228171][   T33] audit: type=1326 audit(142.294:3860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.236418][   T33] audit: type=1326 audit(142.294:3861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.242984][   T33] audit: type=1326 audit(142.294:3862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.1.929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ba38ebe9 code=0x50000
[  148.390731][ T8665] loop0: detected capacity change from 0 to 128
[  148.424778][ T8665] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  148.780389][ T5844] Bluetooth: hci1: command 0x0406 tx timeout
[  149.122525][ T8678] loop1: detected capacity change from 0 to 32768
[  149.859357][ T5836] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  150.019654][ T5836] usb 1-1: Using ep0 maxpacket: 32
[  150.027104][ T5836] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.031780][ T5836] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  150.035103][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.037999][ T5836] usb 1-1: Product: syz
[  150.039484][ T5836] usb 1-1: Manufacturer: syz
[  150.042031][ T5836] usb 1-1: SerialNumber: syz
[  150.057058][ T5836] usb 1-1: config 0 descriptor??
[  150.175346][ T8725] loop2: detected capacity change from 0 to 131072
[  150.181537][ T8725] F2FS-fs (loop2): Invalid log sectorsize (67108873)
[  150.184275][ T8725] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  150.188693][ T8725] F2FS-fs (loop2): invalid crc value
[  150.223897][ T8725] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  150.227987][ T8725] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  150.230768][ T8725] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  150.253899][ T8725] F2FS-fs (loop2): inconsistent node block, node_type:2, nid:8, node_footer[nid:8,ino:8,ofs:0,cpver:5013063228981249506,blkaddr:100678662]
[  150.262166][   T47] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  150.437377][   T47] usb 2-1: Using ep0 maxpacket: 32
[  150.449292][   T47] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.453878][   T47] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.469235][   T47] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  150.479536][   T47] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  150.483125][   T47] usb 2-1: Product: syz
[  150.487324][   T47] usb 2-1: Manufacturer: syz
[  150.495431][ T5836] gs_usb 1-1:0.0: Configuring for 84 interfaces
[  150.499428][ T5836] gs_usb 1-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  150.502441][   T47] hub 2-1:4.0: USB hub found
[  150.502977][ T5836] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -22
[  150.717882][ T5836] usb 1-1: USB disconnect, device number 14
[  150.728659][   T47] hub 2-1:4.0: 2 ports detected
[  150.840549][ T8763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.968'.
[  150.942665][   T47] hub 2-1:4.0: hub_hub_status failed (err = -71)
[  150.945896][   T47] hub 2-1:4.0: config failed, can't get hub status (err -71)
[  150.974337][   T47] usb 2-1: USB disconnect, device number 11
[  151.142217][   T10] usb 3-1: new low-speed USB device number 15 using dummy_hcd
[  151.298853][ T8780] loop0: detected capacity change from 0 to 512
[  151.302094][ T8780] EXT4-fs: quotafile must be on filesystem root
[  151.310609][   T10] usb 3-1: config 32 has 1 interface, different from the descriptor's value: 2
[  151.321308][   T10] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[  151.334319][   T10] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 255, setting to 8
[  151.340306][   T10] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  151.352373][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.367405][ T8767] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  151.609410][   T10] usb 3-1: string descriptor 0 read error: -71
[  151.681371][   T10] usb 3-1: USB disconnect, device number 15
[  151.811669][ T8800] loop0: detected capacity change from 0 to 32768
[  151.844428][ T8800] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  151.856280][ T8834] loop1: detected capacity change from 0 to 1024
[  151.864789][ T8800] 
[  151.865879][ T8800] ======================================================
[  151.868831][ T8800] WARNING: possible circular locking dependency detected
[  151.871776][ T8800] 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 Not tainted
[  151.875540][ T8800] ------------------------------------------------------
[  151.878694][ T8800] syz.0.975/8800 is trying to acquire lock:
[  151.879972][ T8834] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.881298][ T8800] ffff8881175cef40 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  151.891681][ T8800] 
[  151.891681][ T8800] but task is already holding lock:
[  151.894880][ T8800] ffff8881175c9578 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  151.899038][ T8800] 
[  151.899038][ T8800] which lock already depends on the new lock.
[  151.899038][ T8800] 
[  151.903478][ T8800] 
[  151.903478][ T8800] the existing dependency chain (in reverse order) is:
[  151.907272][ T8800] 
[  151.907272][ T8800] -> #5 (&oi->ip_xattr_sem){++++}-{4:4}:
[  151.910584][ T8800]        lock_acquire+0x126/0x360
[  151.912799][ T8800]        down_read+0x46/0x2e0
[  151.914815][ T8800]        ocfs2_init_acl+0x2f9/0x720
[  151.917043][ T8800]        ocfs2_mknod+0x1321/0x2050
[  151.919239][ T8800]        ocfs2_create+0x1a5/0x440
[  151.921429][ T8800]        vfs_create+0x24e/0x400
[  151.923511][ T8800]        do_mknodat+0x3c6/0x4d0
[  151.925629][ T8800]        __x64_sys_mknodat+0xa7/0xc0
[  151.927893][ T8800]        do_syscall_64+0xfa/0x3b0
[  151.930028][ T8800]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.932753][ T8800] 
[  151.932753][ T8800] -> #4 (jbd2_handle){++++}-{0:0}:
[  151.935818][ T8800]        lock_acquire+0x126/0x360
[  151.937953][ T8800]        start_this_handle+0x1fa7/0x21c0
[  151.940433][ T8800]        jbd2__journal_start+0x2c1/0x5b0
[  151.942805][ T8800]        jbd2_journal_start+0x2a/0x40
[  151.945140][ T8800]        ocfs2_start_trans+0x376/0x6d0
[  151.947512][ T8800]        ocfs2_mknod+0xe93/0x2050
[  151.949667][ T8800]        ocfs2_mkdir+0x191/0x440
[  151.951807][ T8800]        vfs_mkdir+0x306/0x510
[  151.953906][ T8800]        do_mkdirat+0x247/0x590
[  151.956078][ T8800]        __x64_sys_mkdirat+0x87/0xa0
[  151.958406][ T8800]        do_syscall_64+0xfa/0x3b0
[  151.960623][ T8800]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.963459][ T8800] 
[  151.963459][ T8800] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  151.967134][ T8800]        lock_acquire+0x126/0x360
[  151.969270][ T8800]        down_read+0x46/0x2e0
[  151.971216][ T8800]        ocfs2_start_trans+0x36a/0x6d0
[  151.973603][ T8800]        ocfs2_mknod+0xe93/0x2050
[  151.975728][ T8800]        ocfs2_mkdir+0x191/0x440
[  151.977797][ T8800]        vfs_mkdir+0x306/0x510
[  151.979863][ T8800]        do_mkdirat+0x247/0x590
[  151.981989][ T8800]        __x64_sys_mkdirat+0x87/0xa0
[  151.984262][ T8800]        do_syscall_64+0xfa/0x3b0
[  151.985927][ T8800]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.987997][ T8800] 
[  151.987997][ T8800] -> #2 (sb_internal#5){.+.+}-{0:0}:
[  151.990441][ T8800]        lock_acquire+0x126/0x360
[  151.992106][ T8800]        ocfs2_start_trans+0x26b/0x6d0
[  151.993897][ T8800]        ocfs2_mknod+0xe93/0x2050
[  151.995589][ T8800]        ocfs2_mkdir+0x191/0x440
[  151.997226][ T8800]        vfs_mkdir+0x306/0x510
[  151.998821][ T8800]        do_mkdirat+0x247/0x590
[  152.000430][ T8800]        __x64_sys_mkdirat+0x87/0xa0
[  152.002206][ T8800]        do_syscall_64+0xfa/0x3b0
[  152.003916][ T8800]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.006032][ T8800] 
[  152.006032][ T8800] -> #1 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  152.009479][ T8800]        lock_acquire+0x126/0x360
[  152.011108][ T8800]        down_write+0x96/0x1f0
[  152.012708][ T8800]        ocfs2_reserve_local_alloc_bits+0x125/0x24e0
[  152.014889][ T8800]        ocfs2_reserve_clusters_with_limit+0x1be/0xba0
[  152.017606][ T8800]        ocfs2_mknod+0xe32/0x2050
[  152.019370][ T8800]        ocfs2_mkdir+0x191/0x440
[  152.020996][ T8800]        vfs_mkdir+0x306/0x510
[  152.022624][ T8800]        do_mkdirat+0x247/0x590
[  152.024251][ T8800]        __x64_sys_mkdirat+0x87/0xa0
[  152.025951][ T8800]        do_syscall_64+0xfa/0x3b0
[  152.027573][ T8800]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.029898][ T8800] 
[  152.029898][ T8800] -> #0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  152.034065][ T8800]        validate_chain+0xb9b/0x2140
[  152.035773][ T8800]        __lock_acquire+0xab9/0xd20
[  152.037468][ T8800]        lock_acquire+0x126/0x360
[  152.039113][ T8800]        down_write+0x96/0x1f0
[  152.040920][ T8800]        ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  152.043046][ T8800]        ocfs2_reserve_new_metadata_blocks+0x403/0x940
[  152.045232][ T8800]        ocfs2_init_xattr_set_ctxt+0x307/0x700
[  152.047137][ T8800]        ocfs2_xattr_set+0xb70/0x11f0
[  152.048856][ T8800]        __vfs_setxattr+0x43c/0x480
[  152.050505][ T8800]        __vfs_setxattr_noperm+0x12d/0x660
[  152.052399][ T8800]        vfs_setxattr+0x16b/0x2f0
[  152.054058][ T8800]        filename_setxattr+0x274/0x600
[  152.055841][ T8800]        path_setxattrat+0x364/0x3a0
[  152.057542][ T8800]        __x64_sys_setxattr+0xbc/0xe0
[  152.059262][ T8800]        do_syscall_64+0xfa/0x3b0
[  152.060877][ T8800]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.062936][ T8800] 
[  152.062936][ T8800] other info that might help us debug this:
[  152.062936][ T8800] 
[  152.066289][ T8800] Chain exists of:
[  152.066289][ T8800]   &ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE] --> jbd2_handle --> &oi->ip_xattr_sem
[  152.066289][ T8800] 
[  152.071293][ T8800]  Possible unsafe locking scenario:
[  152.071293][ T8800] 
[  152.073973][ T8800]        CPU0                    CPU1
[  152.076227][ T8800]        ----                    ----
[  152.078141][ T8800]   lock(&oi->ip_xattr_sem);
[  152.079656][ T8800]                                lock(jbd2_handle);
[  152.081758][ T8800]                                lock(&oi->ip_xattr_sem);
[  152.084050][ T8800]   lock(&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]);
[  152.086484][ T8800] 
[  152.086484][ T8800]  *** DEADLOCK ***
[  152.086484][ T8800] 
[  152.089050][ T8800] 3 locks held by syz.0.975/8800:
[  152.090721][ T8800]  #0: ffff88801b3fc428 (sb_writers#21){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  152.093704][ T8800]  #1: ffff8881175c9840 (&type->i_mutex_dir_key#16){+.+.}-{4:4}, at: vfs_setxattr+0x144/0x2f0
[  152.097052][ T8800]  #2: ffff8881175c9578 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  152.100206][ T8800] 
[  152.100206][ T8800] stack backtrace:
[  152.102137][ T8800] CPU: 0 UID: 0 PID: 8800 Comm: syz.0.975 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  152.102148][ T8800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  152.102154][ T8800] Call Trace:
[  152.102160][ T8800]  <TASK>
[  152.102165][ T8800]  dump_stack_lvl+0x189/0x250
[  152.102200][ T8800]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.102208][ T8800]  ? __pfx__printk+0x10/0x10
[  152.102225][ T8800]  ? print_lock_name+0xde/0x100
[  152.102234][ T8800]  print_circular_bug+0x2ee/0x310
[  152.102244][ T8800]  check_noncircular+0x134/0x160
[  152.102253][ T8800]  validate_chain+0xb9b/0x2140
[  152.102260][ T8800]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  152.102271][ T8800]  ? look_up_lock_class+0x74/0x170
[  152.102281][ T8800]  ? register_lock_class+0x51/0x320
[  152.102291][ T8800]  __lock_acquire+0xab9/0xd20
[  152.102300][ T8800]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  152.102311][ T8800]  lock_acquire+0x126/0x360
[  152.102321][ T8800]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  152.102333][ T8800]  down_write+0x96/0x1f0
[  152.102342][ T8800]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  152.102352][ T8800]  ? __pfx_down_write+0x10/0x10
[  152.102362][ T8800]  ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  152.102375][ T8800]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  152.102382][ T8800]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.102389][ T8800]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  152.102395][ T8800]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  152.102402][ T8800]  ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[  152.102412][ T8800]  ? stack_depot_save_flags+0x41b/0x860
[  152.102422][ T8800]  ? kasan_save_track+0x4f/0x80
[  152.102430][ T8800]  ? kasan_save_track+0x3e/0x80
[  152.102437][ T8800]  ? __kasan_kmalloc+0x93/0xb0
[  152.102444][ T8800]  ? __kmalloc_cache_noprof+0x234/0x3f0
[  152.102453][ T8800]  ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[  152.102465][ T8800]  ? ocfs2_init_xattr_set_ctxt+0x307/0x700
[  152.102473][ T8800]  ? ocfs2_xattr_set+0xb70/0x11f0
[  152.102479][ T8800]  ? __vfs_setxattr+0x43c/0x480
[  152.102488][ T8800]  ? __vfs_setxattr_noperm+0x12d/0x660
[  152.102496][ T8800]  ? vfs_setxattr+0x16b/0x2f0
[  152.102504][ T8800]  ? filename_setxattr+0x274/0x600
[  152.102513][ T8800]  ? path_setxattrat+0x364/0x3a0
[  152.102520][ T8800]  ? __x64_sys_setxattr+0xbc/0xe0
[  152.102529][ T8800]  ? do_syscall_64+0xfa/0x3b0
[  152.102536][ T8800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.102549][ T8800]  ? __kasan_kmalloc+0x93/0xb0
[  152.102557][ T8800]  ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[  152.102567][ T8800]  ocfs2_reserve_new_metadata_blocks+0x403/0x940
[  152.102578][ T8800]  ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10
[  152.102588][ T8800]  ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10
[  152.102600][ T8800]  ? __lock_acquire+0xab9/0xd20
[  152.102614][ T8800]  ocfs2_init_xattr_set_ctxt+0x307/0x700
[  152.102625][ T8800]  ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10
[  152.102635][ T8800]  ? ocfs2_xattr_set+0xb36/0x11f0
[  152.102644][ T8800]  ? up_write+0x1c4/0x420
[  152.102652][ T8800]  ? ocfs2_xattr_set+0x334/0x11f0
[  152.102662][ T8800]  ocfs2_xattr_set+0xb70/0x11f0
[  152.102677][ T8800]  ? __pfx_ocfs2_xattr_set+0x10/0x10
[  152.102685][ T8800]  ? ocfs2_permission+0x107/0x1b0
[  152.102694][ T8800]  ? __pfx_ocfs2_permission+0x10/0x10
[  152.102704][ T8800]  ? inode_permission+0x149/0x470
[  152.102711][ T8800]  ? __pfx_ocfs2_permission+0x10/0x10
[  152.102725][ T8800]  ? look_up_lock_class+0x74/0x170
[  152.102736][ T8800]  ? register_lock_class+0x51/0x320
[  152.102752][ T8800]  ? posix_xattr_acl+0x93/0xc0
[  152.102763][ T8800]  ? evm_protect_xattr+0x4d4/0xa90
[  152.102770][ T8800]  ? __pfx_evm_protect_xattr+0x10/0x10
[  152.102776][ T8800]  ? __pfx_ocfs2_xattr_trusted_set+0x10/0x10
[  152.102783][ T8800]  __vfs_setxattr+0x43c/0x480
[  152.102794][ T8800]  __vfs_setxattr_noperm+0x12d/0x660
[  152.102804][ T8800]  vfs_setxattr+0x16b/0x2f0
[  152.102814][ T8800]  ? __pfx_vfs_setxattr+0x10/0x10
[  152.102822][ T8800]  ? mnt_get_write_access+0x223/0x2a0
[  152.102830][ T8800]  filename_setxattr+0x274/0x600
[  152.102841][ T8800]  ? __pfx_filename_setxattr+0x10/0x10
[  152.102851][ T8800]  ? getname_flags+0x1e5/0x540
[  152.102857][ T8800]  path_setxattrat+0x364/0x3a0
[  152.102865][ T8800]  ? __pfx_path_setxattrat+0x10/0x10
[  152.102872][ T8800]  ? do_futex+0x333/0x420
[  152.102884][ T8800]  ? __pfx___se_sys_futex+0x10/0x10
[  152.102891][ T8800]  ? __se_sys_chdir+0x1b9/0x280
[  152.102901][ T8800]  ? __pfx___se_sys_chdir+0x10/0x10
[  152.102909][ T8800]  ? rcu_is_watching+0x15/0xb0
[  152.102916][ T8800]  __x64_sys_setxattr+0xbc/0xe0
[  152.102926][ T8800]  do_syscall_64+0xfa/0x3b0
[  152.102934][ T8800]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.102941][ T8800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.102947][ T8800]  ? exc_page_fault+0x9f/0xf0
[  152.102954][ T8800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.102961][ T8800] RIP: 0033:0x7f7f5118ebe9
[  152.102971][ T8800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.102977][ T8800] RSP: 002b:00007f7f51f18038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  152.102985][ T8800] RAX: ffffffffffffffda RBX: 00007f7f513b5fa0 RCX: 00007f7f5118ebe9
[  152.102990][ T8800] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000200000000240
[  152.102995][ T8800] RBP: 00007f7f51211e19 R08: 0000000000000000 R09: 0000000000000000
[  152.102999][ T8800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.103003][ T8800] R13: 00007f7f513b6038 R14: 00007f7f513b5fa0 R15: 00007fffc31d9ff8
[  152.103010][ T8800]  </TASK>
[  152.292987][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.372077][ T5849] ocfs2: Unmounting device (7,0) on (node local)

VM DIAGNOSIS:
22:46:39  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000079 RBX=0000000000000079 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001101 RDI=0000000000001102 RBP=00000000000003f8 RSP=ffffc90006d8e4b0
R8 =ffff8881077f0237 R9 =1ffff11020efe046 R10=dffffc0000000000 R11=ffffffff854e7660
R12=dffffc0000000000 R13=ffffffff99af2901 R14=ffffffff99de7520 R15=0000000000000000
RIP=ffffffff854e76dc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7f51f186c0 ffffffff 00c00000
GS =0000 ffff8880b8623000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7f511733e0 CR3=000000003e92c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffff ffffff0000000000 XMM01=0101010101010101 0101010000000000
XMM02=695f746e756f6d5f 7a79730032736667 XMM03=75663d79636e6572 65686f632c6c6c75
XMM04=652c736b636f6c66 6c61636f6c2c6c6c XMM05=0000000000000000 00007f7f51f176e0
XMM06=00007f7f51f176e0 00007f7f51f17560 XMM07=00007f7f51f175a0 00007f7f51f17580
XMM08=0000000000000000 0000000000000dbe XMM09=0000000000000000 00007f7f51212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff888104d3c490 RCX=ffffc9000004b000 RDX=ffff88810cf89cc0
RSI=0000000000000200 RDI=0000000000000048 RBP=0000000000000049 RSP=ffffc900069c77a8
R8 =ffffc900069c7870 R9 =0000000000000004 R10=dffffc0000000000 R11=fffff52000d38ef4
R12=ffffc900069c7870 R13=dffffc0000000000 R14=0000000000012000 R15=0000000000000200
RIP=ffffffff820403dc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f44bb1bc6c0 ffffffff 00c00000
GS =0000 ffff8881a3c23000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f44ba3733e0 CR3=000000010ef36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffff00ff00000000 0000000000000000
XMM02=ffffffffffffff00 ffff000000000000 XMM03=00000000000000ff ffffffffffffff00
XMM04=0000000000000000 0000000000000000 XMM05=622d383864342d63 6666352d63333536
XMM06=656431626632785c 646975752d796266 XMM07=32785c6b73696466 32785c2f736b6e69
XMM08=00ffff00ffffffff ffffffffffffffff XMM09=3400003700000000 303a37622f396533
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
